Denial of Service vulnerability in SSL VPN service of FortiOS

Overview :

New vulnerabilities discovered in FortiOS

Affected Product(s) :

FortiOS versions 6.2.1 and below.
FortiOS versions 6.0.6 and below.

Vulnerability Details :

CVE ID :	CVE-2019-15705
	An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.

Remediation / Fixes :

Please upgrade to FortiOS version 6.2.2 and above.

Please upgrade to FortiOS version 6.0.7 and above.

Contact us to get started

CVE-2022-AVAST2 : Self-Defense Bypass via Repairing Function

Description It was noted that there is security checking to prevent some of the Avast processes from loading of undesired/unsigned

Learn more

CVE-2022-21500 : Oracle Security Alert Advisory

Description This Security Alert addresses vulnerability CVE-2022-21500, which affects some deployments of Oracle E-Business Suite. This vulnerability is remotely exploitable

Learn more

CVE-2022-1183 : Destroying a TLS session early causes assertion failure

Description On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those

Learn more

Denial of Service vulnerability in SSL VPN service of FortiOS

Remediation / Fixes :

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-AVAST2 : Self-Defense Bypass via Repairing Function

CVE-2022-21500 : Oracle Security Alert Advisory

CVE-2022-1183 : Destroying a TLS session early causes assertion failure