vulnerability

Fortinet FortiOS: Numeric Truncation Error (CVE-2023-36641)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:N/I:N/A:C)	Nov 14, 2023	Nov 22, 2023	Jan 28, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:C)

Published

Nov 14, 2023

Added

Nov 22, 2023

Modified

Jan 28, 2025

Description

A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.

Solution

fortios-upgrade-latest

References

CVE-2023-36641
https://attackerkb.com/topics/CVE-2023-36641
URL-https://fortiguard.com/psirt/FG-IR-23-151

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today