CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22124

An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

Products affected by CVE-2021-22124

Fortinet » Fortiauthenticator » Version: 4.2.0

cpe:2.3:a:fortinet:fortiauthenticator:4.2.0
Fortinet » Fortiauthenticator » Version: 4.2.1

cpe:2.3:a:fortinet:fortiauthenticator:4.2.1
Fortinet » Fortiauthenticator » Version: 4.3.0

cpe:2.3:a:fortinet:fortiauthenticator:4.3.0
Fortinet » Fortiauthenticator » Version: 4.3.1

cpe:2.3:a:fortinet:fortiauthenticator:4.3.1
Fortinet » Fortiauthenticator » Version: 4.3.2

cpe:2.3:a:fortinet:fortiauthenticator:4.3.2
Fortinet » Fortiauthenticator » Version: 4.3.3

cpe:2.3:a:fortinet:fortiauthenticator:4.3.3
Fortinet » Fortiauthenticator » Version: 4.3.4

cpe:2.3:a:fortinet:fortiauthenticator:4.3.4
Fortinet » Fortiauthenticator » Version: 5.0.0

cpe:2.3:a:fortinet:fortiauthenticator:5.0.0
Fortinet » Fortiauthenticator » Version: 5.1.0

cpe:2.3:a:fortinet:fortiauthenticator:5.1.0
Fortinet » Fortiauthenticator » Version: 5.1.1

cpe:2.3:a:fortinet:fortiauthenticator:5.1.1
Fortinet » Fortiauthenticator » Version: 5.1.2

cpe:2.3:a:fortinet:fortiauthenticator:5.1.2
Fortinet » Fortiauthenticator » Version: 5.2.0

cpe:2.3:a:fortinet:fortiauthenticator:5.2.0
Fortinet » Fortiauthenticator » Version: 5.2.1

cpe:2.3:a:fortinet:fortiauthenticator:5.2.1
Fortinet » Fortiauthenticator » Version: 5.2.2

cpe:2.3:a:fortinet:fortiauthenticator:5.2.2
Fortinet » Fortiauthenticator » Version: 5.3.0

cpe:2.3:a:fortinet:fortiauthenticator:5.3.0
Fortinet » Fortiauthenticator » Version: 5.3.1

cpe:2.3:a:fortinet:fortiauthenticator:5.3.1
Fortinet » Fortiauthenticator » Version: 5.4.0

cpe:2.3:a:fortinet:fortiauthenticator:5.4.0
Fortinet » Fortiauthenticator » Version: 5.4.1

cpe:2.3:a:fortinet:fortiauthenticator:5.4.1
Fortinet » Fortiauthenticator » Version: 5.5.0

cpe:2.3:a:fortinet:fortiauthenticator:5.5.0
Fortinet » Fortiauthenticator » Version: 6.0.0

cpe:2.3:a:fortinet:fortiauthenticator:6.0.0
Fortinet » Fortiauthenticator » Version: 6.0.1

cpe:2.3:a:fortinet:fortiauthenticator:6.0.1
Fortinet » Fortiauthenticator » Version: 6.0.2

cpe:2.3:a:fortinet:fortiauthenticator:6.0.2
Fortinet » Fortiauthenticator » Version: 6.0.3

cpe:2.3:a:fortinet:fortiauthenticator:6.0.3
Fortinet » Fortiauthenticator » Version: 6.0.4

cpe:2.3:a:fortinet:fortiauthenticator:6.0.4
Fortinet » Fortiauthenticator » Version: 6.0.5

cpe:2.3:a:fortinet:fortiauthenticator:6.0.5
Fortinet » Fortisandbox » Version: 3.0.0

cpe:2.3:a:fortinet:fortisandbox:3.0.0
Fortinet » Fortisandbox » Version: 3.0.1

cpe:2.3:a:fortinet:fortisandbox:3.0.1
Fortinet » Fortisandbox » Version: 3.0.2

cpe:2.3:a:fortinet:fortisandbox:3.0.2
Fortinet » Fortisandbox » Version: 3.0.3

cpe:2.3:a:fortinet:fortisandbox:3.0.3
Fortinet » Fortisandbox » Version: 3.0.4

cpe:2.3:a:fortinet:fortisandbox:3.0.4
Fortinet » Fortisandbox » Version: 3.0.5

cpe:2.3:a:fortinet:fortisandbox:3.0.5
Fortinet » Fortisandbox » Version: 3.0.6

cpe:2.3:a:fortinet:fortisandbox:3.0.6
Fortinet » Fortisandbox » Version: 3.1.0

cpe:2.3:a:fortinet:fortisandbox:3.1.0
Fortinet » Fortisandbox » Version: 3.1.1

cpe:2.3:a:fortinet:fortisandbox:3.1.1
Fortinet » Fortisandbox » Version: 3.1.2

cpe:2.3:a:fortinet:fortisandbox:3.1.2
Fortinet » Fortisandbox » Version: 3.1.3

cpe:2.3:a:fortinet:fortisandbox:3.1.3
Fortinet » Fortisandbox » Version: 3.1.4

cpe:2.3:a:fortinet:fortisandbox:3.1.4
Fortinet » Fortisandbox » Version: 3.2.0

cpe:2.3:a:fortinet:fortisandbox:3.2.0
Fortinet » Fortisandbox » Version: 3.2.1

cpe:2.3:a:fortinet:fortisandbox:3.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22124

Products

Pricing

Contact Us