Vulnerabilities > Fortinet > Fortiswitch > 3.2.2

DATE CVE VULNERABILITY TITLE RISK
2021-06-01 CVE-2021-26111 Memory Leak vulnerability in Fortinet Fortiswitch
A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exhaust available memory by sending specifically crafted LLDP/CDP/EDP packets to the device.
low complexity
fortinet CWE-401
6.5
6.5
2020-04-07 CVE-2019-17657 Resource Exhaustion vulnerability in Fortinet products
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP requests/responses in pieces slowly, as demonstrated by Slow HTTP DoS Attacks.
network
low complexity
fortinet CWE-400
7.5
7.5
2016-08-24 CVE-2016-6909 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fortinet Fortios and Fortiswitch
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.
network
low complexity
fortinet CWE-119
critical
 9.8
9.8