Critical Infrastructure Sectors: Energy
A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 up to and including 7.2.4 and version 7.0.0 up to and including 7.0.10 and FortiProxy version 7.2.0 up to and including 7.2.2 and version 7.0.0 up to and including 7.0.8 may allow an unauthenticated remote malicious user to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiproxy 7.2.0 |
||
fortinet fortiproxy 7.2.1 |
||
fortinet fortiproxy |
||
fortinet fortios |
||
fortinet fortiproxy 7.2.2 |