VYPR
Unrated severityNVD Advisory· Published Jul 18, 2022· Updated Aug 4, 2024

CVE-2021-42755

CVE-2021-42755

Description

An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.

Affected products

6
  • Range: <=6.4.3, <=6.0.10
  • Range: =7.0.0, <=2.0.6, <=1.2.x, <=1.1.x, <=1.0.x
  • Fortinet/Fortiosllm-fuzzy
    Range: <=7.0.2, <=6.4.8, <=6.2.10, <=6.0.x
  • Range: <=6.4.2, <=6.0.10
  • Range: <=7.0.2, <=6.4.9, <=6.2.x, <=6.0.x
  • Fortinet/Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxyv5
    Range: FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.