CVE-2023-33306

A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:05

Type Values Removed Values Added
References () https://fortiguard.com/psirt/FG-IR-23-015 - Vendor Advisory () https://fortiguard.com/psirt/FG-IR-23-015 - Vendor Advisory

23 Jun 2023, 21:27

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
References (MISC) https://fortiguard.com/psirt/FG-IR-23-015 - (MISC) https://fortiguard.com/psirt/FG-IR-23-015 - Vendor Advisory
CWE CWE-476
First Time Fortinet fortiproxy
Fortinet
Fortinet fortios
CPE cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*

16 Jun 2023, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-16 10:15

Updated : 2024-11-21 08:05


NVD link : CVE-2023-33306

Mitre link : CVE-2023-33306

CVE.ORG link : CVE-2023-33306


JSON object : View

Products Affected

fortinet

  • fortios
  • fortiproxy
CWE
CWE-476

NULL Pointer Dereference