CVE-2023-29178

CVSS Score of 10 (low)

Details

Published Jun 13, 2023

Updated: Nov 7, 2023

CWE ID 824

Summary

CVE-2023-29178 is an access of uninitialized pointer vulnerability, identified as CWE-824, that affects Fortinet FortiProxy versions 7.2.0 through 7.2.3 and before 7.0.9, as well as FortiOS versions 7.2.0 through 7.2.4 and before 7.0.11. This vulnerability allows an authenticated attacker to repeatedly crash the httpsd process by sending crafted HTTP or HTTPS requests. The risk score associated with this vulnerability is 15, indicating a medium level of risk. To remediate the issue, organizations should update their Fortinet FortiProxy and FortiOS installations to versions 7.0.9 and 7.0.11 respectively or later versions provided by the vendor. This vulnerability poses a potential danger to organizations as it can lead to denial-of-service attacks that disrupt the availability of affected systems and services.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-29178 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future

Gain complete coverage of your cyber, third party, and physical attack surface
Proactively mitigate threats before they turn into costly attacks
Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database