VYPR
Unrated severityNVD Advisory· Published Aug 4, 2021· Updated Oct 25, 2024

CVE-2021-22124

CVE-2021-22124

Description

An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.

Affected products

3
  • Range: 3.0.0 - 3.0.6, 3.1.0 - 3.1.4, 3.2.0 - 3.2.2
  • Fortinet/Fortiauthenticatorllm-fuzzy2 versions
    <6.0.6+ 1 more
    • (no CPE)range: <6.0.6
    • (no CPE)range: FortiSandbox 3.2.2, 3.2.1, 3.2.0, 3.1.4, 3.1.3, 3.1.2, 3.1.1, 3.1.0, 3.0.6, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.1, 3.0.0, FortiAuthenticator before 6.0.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.