A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-375 | Vendor Advisory |
| https://fortiguard.com/psirt/FG-IR-22-375 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:05
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.9 |
| References | () https://fortiguard.com/psirt/FG-IR-22-375 - Vendor Advisory |
22 Jun 2023, 15:56
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Fortinet fortiproxy
Fortinet Fortinet fortios Fortinet fortiweb |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CPE | cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:* |
|
| References | (MISC) https://fortiguard.com/psirt/FG-IR-22-375 - Vendor Advisory | |
| CWE | CWE-835 |
13 Jun 2023, 09:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-06-13 09:15
Updated : 2024-11-21 08:05
NVD link : CVE-2023-33305
Mitre link : CVE-2023-33305
CVE.ORG link : CVE-2023-33305
JSON object : View
Products Affected
fortinet
- fortios
- fortiweb
- fortiproxy
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')