Vulnerabilities > CVE-2023-33307 - NULL Pointer Dereference vulnerability in Fortinet Fortios and Fortiproxy

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
fortinet
CWE-476
NVD
Published: 2023-06-16
Updated: 2023-11-07

Summary

A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.

Vulnerable Configurations

Part Description Count
OS
Fortinet
17
Application
Fortinet
12

Common Weakness Enumeration (CWE)

References