Uninitialized Pointer Vulnerability in Fortinet FortiProxy and FortiOS

Uninitialized Pointer Vulnerability in Fortinet FortiProxy and FortiOS

CVE-2023-29178 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.

Learn more about our Cis Benchmark Audit For Apple Ios.