CVE-2024-36504

Medium CVSS 6.5

Overview

An out-of-bounds read vulnerability [CWE-125] in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all verisons, and 6.4 all versions may allow an authenticated attacker to perform a denial of service on the SSLVPN web portal via a specially crafted URL.

CWE: CWE-125 Published: 2025-01-14T14:15:30.433

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.5 (MEDIUM)
Detected tags: dos, oob_read (tag impact: LOW)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.

Overview

Recommended tools

Tags