Detections
Analytics

CVE-2023-33307

medium

Description

A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.

References

https://fortiguard.com/psirt/FG-IR-23-015

https://exchange.xforce.ibmcloud.com/vulnerabilities/258201

Details

Source: Mitre, NVD

Published: 2023-06-16

Updated: 2023-11-07

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium