CVE-2022-41333
published 2023-03-07CVE-2022-41333: An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authentication mechanism may…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EXPLOIT
An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authentication mechanism may allow an unauthenticated attacker to make the device unavailable via crafted GET requests.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortirecorder | — | — |
| fortinet | fortirecorder | 6.0.0 – 6.0.11 | — |
| fortinet | fortirecorder | 6.4.0 – 6.4.3 | — |
| fortinet | fortirecorder_firmware | 6.0.0 – 6.0.11 | — |
| fortinet | fortirecorder_firmware | 6.4.0 – 6.4.3 | — |
| fortinet | fortirecorderfirmware | — | — |