A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-375 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
22 Jun 2023, 15:56
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Fortinet fortios
Fortinet fortiproxy Fortinet Fortinet fortiweb |
|
| CPE | cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CWE | CWE-835 | |
| References | (MISC) https://fortiguard.com/psirt/FG-IR-22-375 - Vendor Advisory |
13 Jun 2023, 09:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-06-13 09:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-33305
Mitre link : CVE-2023-33305
CVE.ORG link : CVE-2023-33305
JSON object : View
Products Affected
fortinet
- fortiproxy
- fortiweb
- fortios
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')