VYPR
Unrated severity · NVD Advisory · Published Jul 20, 2021 · Updated Oct 25, 2024

CVE-2021-24022

Description

A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local attacker to perform a Denial of Service attack by running the diagnose system geoip-city command with a large ip value.

Affected products

3
  • Fortinet/Fortianalyzer (2 versions)
    <=6.4.5, <=6.2.7, 6.0.x
    • (no CPE) range: <=6.4.5, <=6.2.7, 6.0.x
    • (no CPE) range: FortiAnalyzer 6.4.5 and below, 6.2.7 and below, 6.0.x; FortiManager 6.4.5 and below, 6.2.7 and below, 6.0.x
  • Range: <=6.4.5, <=6.2.7, 6.0.x
