Denial of Service vulnerability in SSL VPN service of FortiOS

Overview :

New vulnerabilities discovered in FortiOS

Affected Product(s) :

FortiOS versions 6.2.1 and below.
FortiOS versions 6.0.6 and below.

Vulnerability Details :

CVE ID :	CVE-2019-15705
	An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.

Remediation / Fixes :

Please upgrade to FortiOS version 6.2.2 and above.

Please upgrade to FortiOS version 6.0.7 and above.

Contact us to get started

CVE-2024-47104 : IBM I 7.4/7.5 PHYSICAL FILE SECURITY ATTRIBUTES PERMISSION ASSIGNMENT

Description IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A

Learn more

CVE-2024-47480 : DELL INVENTORY COLLECTOR CLIENT UP TO 12.6.X SYMLINK

Description Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege

Learn more

CVE-2024-49820 : IBM SECURITY GUARDIUM KEY LIFECYCLE MANAGER 4.1/4.1.1/4.2.0/4.2.1 CLEARTEXT TRANSMISSION

Description IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive

Learn more