Lucene search
FortinetCVELIST:CVE-2022-41333HistoryMar 07, 2023 - 4:04 p.m.
CVE-2022-41333
2023-03-0716:04:43
CWE-400
fortinet
www.cve.org
4
cve-2022-41333
fortirecorder
uncontrolled resource consumption
cwe-400
authentication mechanism
unauthenticated attacker
crafted get requests
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RC:R
EPSS
0.001
Percentile
44.1%
An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authentication mechanism may allow an unauthenticated attacker to make the device unavailable via crafted GET requests.
CNA Affected
[
{
"vendor": "Fortinet",
"product": "FortiRecorder",
"defaultStatus": "unaffected",
"versions": [
{
"versionType": "semver",
"version": "6.4.0",
"lessThanOrEqual": "6.4.3",
"status": "affected"
},
{
"versionType": "semver",
"version": "6.0.0",
"lessThanOrEqual": "6.0.11",
"status": "affected"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2023-03-07 17:15:00
zdt
zdt
FortiRecorder 6.4.3 - Denial of Service Exploit
2023-04-08 00:00:00
cve
cve
CVE-2022-41333
2023-03-07 17:15:12
nvd
nvd
CVE-2022-41333
2023-03-07 17:15:12
packetstorm
packetstorm
FortiRecorder 6.4.3 Denial Of Service
2023-04-10 00:00:00
exploitdb
exploitdb
FortiRecorder 6.4.3 - Denial of Service
2023-04-08 00:00:00
fortinet
fortinet
FortiRecorder - DoS in login authentication mechanism
2023-03-07 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RC:R
EPSS
0.001
Percentile
44.1%
Related for CVELIST:CVE-2022-41333