CVE-2024-46666

Medium CVSS 5.3

Overview

An allocation of resources without limits or throttling [CWE-770] vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests directed at specific endpoints.

CWE: CWE-770 Published: 2025-01-14T14:15:31.647

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.3 (MEDIUM)
Detected tags: unauth_access (tag impact: HIGH)

Recommended actions:

Enforce authentication/authorization; reduce default endpoint exposure.

Overview

Recommended tools

Tags