CVE-2019-17657
 
Public Exploits: 0
Exploited in Wild: -
Descriptions
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause a denial of service (DoS) of the admin webUI by handling specially crafted HTTP requests/responses slowly, in pieces, as demonstrated by Slow HTTP DoS Attacks.
CVSS Scores
SSVC
- Decision: Attend
Timeline
- 2019-10-16 CVE Reserved
- 2020-04-07 CVE Published
- 2023-03-08 EPSS Updated
- 2024-10-25 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (1)
URL | Date | SRC |
---|---|---|
https://fortiguard.com/psirt/FG-IR-19-013 | 2020-04-08 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Fortinet | Fortianalyzer | < 6.2.3 | - | Affected |
Fortinet | Fortiap-s | < 6.2.2 | - | Affected |
Fortinet | Fortiap-w2 | < 6.2.2 | - | Affected |
Fortinet | Fortimanager | < 6.2.3 | - | Affected |
Fortinet | Fortiswitch | < 3.6.11 | - | Affected |
Fortinet | Fortiswitch | >= 6.0.0 < 6.0.6 | - | Affected |
Fortinet | Fortiswitch | >= 6.2.0 < 6.2.2 | - | Affected |