Critical Infrastructure Sectors: Energy
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 up to and including 7.2.3 and prior to 7.0.9 and FortiOS version 7.2.0 up to and including 7.2.4 and prior to 7.0.11 allows an authenticated malicious user to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiproxy |
||
fortinet fortiproxy 7.2.0 |
||
fortinet fortiproxy 7.2.1 |
||
fortinet fortios |
||
fortinet fortiproxy 7.2.2 |
||
fortinet fortiproxy 7.2.3 |