Unrated severityNVD Advisory· Published Jul 18, 2022· Updated Aug 4, 2024
CVE-2021-42755
CVE-2021-42755
Description
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
Affected products
6- Range: <=6.4.3, <=6.0.10
- Range: =7.0.0, <=2.0.6, <=1.2.x, <=1.1.x, <=1.0.x
- Range: <=6.4.2, <=6.0.10
- Range: <=7.0.2, <=6.4.9, <=6.2.x, <=6.0.x
- Fortinet/Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxyv5Range: FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below
Patches
Vulnerability mechanics
References
1- fortiguard.com/psirt/FG-IR-21-155mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.