CVE-2024-46667Allocation of Resources Without Limits or Throttling in Fortinet Fortisiem

CWE-770Allocation of Resources Without Limits or Throttling3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.6%
top 29.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fortinet Fortisiem
Timeline
PublishedJan 14

Description

A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDfortinet/fortisiem7.1.07.1.6+10
CVEListV5fortinet/fortisiem7.1.07.1.5+10

🔴Vulnerability Details

1
CVEList
CVE-2024-46667: A allocation of resources without limits or throttling in Fortinet FortiSIEM 52025-01-14

📋Vendor Advisories

1
Fortinet
A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all...2025-01-14
CVE-2024-46667 — Fortinet Fortisiem vulnerability | cvebase