Unrated severityNVD Advisory· Published Aug 4, 2021· Updated Oct 25, 2024
CVE-2021-22124
CVE-2021-22124
Description
An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.
Affected products
3- Range: 3.0.0 - 3.0.6, 3.1.0 - 3.1.4, 3.2.0 - 3.2.2
<6.0.6+ 1 more
- (no CPE)range: <6.0.6
- (no CPE)range: FortiSandbox 3.2.2, 3.2.1, 3.2.0, 3.1.4, 3.1.3, 3.1.2, 3.1.1, 3.1.0, 3.0.6, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.1, 3.0.0, FortiAuthenticator before 6.0.6
Patches
Vulnerability mechanics
References
1- fortiguard.com/advisory/FG-IR-20-170mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.