Vulnerabilities > CVE-2023-37934 - Unspecified vulnerability in Fortinet Fortipam

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

fortinet

NVD

Published: 2024-01-10

Updated: 2024-11-21

Summary

An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiPAM 1.0 all versions allows an authenticated attacker to perform a denial of service attack via sending crafted HTTP or HTTPS requests in a high frequency.

Vulnerable Configurations

Part	Description	Count
OS	Fortinet Fortinet Fortipam 1.0.0 Fortinet Fortipam 1.0.1 Fortinet Fortipam 1.0.2 Fortinet Fortipam 1.0.3	4

References

https://fortiguard.com/psirt/FG-IR-23-226
https://fortiguard.com/psirt/FG-IR-23-226