Vulnerability Details CVE-2022-45861
An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.1%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2022-45861
-
cpe:2.3:a:fortinet:fortiproxy:1.1.5
-
cpe:2.3:a:fortinet:fortiproxy:1.1.6
-
cpe:2.3:a:fortinet:fortiproxy:1.2.0
-
cpe:2.3:a:fortinet:fortiproxy:1.2.1
-
cpe:2.3:a:fortinet:fortiproxy:1.2.10
-
cpe:2.3:a:fortinet:fortiproxy:1.2.11
-
cpe:2.3:a:fortinet:fortiproxy:1.2.12
-
cpe:2.3:a:fortinet:fortiproxy:1.2.13
-
cpe:2.3:a:fortinet:fortiproxy:1.2.2
-
cpe:2.3:a:fortinet:fortiproxy:1.2.3
-
cpe:2.3:a:fortinet:fortiproxy:1.2.4
-
cpe:2.3:a:fortinet:fortiproxy:1.2.5
-
cpe:2.3:a:fortinet:fortiproxy:1.2.6
-
cpe:2.3:a:fortinet:fortiproxy:1.2.7
-
cpe:2.3:a:fortinet:fortiproxy:1.2.8
-
cpe:2.3:a:fortinet:fortiproxy:1.2.9
-
cpe:2.3:a:fortinet:fortiproxy:2.0.0
-
cpe:2.3:a:fortinet:fortiproxy:2.0.1
-
cpe:2.3:a:fortinet:fortiproxy:2.0.10
-
cpe:2.3:a:fortinet:fortiproxy:2.0.11
-
cpe:2.3:a:fortinet:fortiproxy:2.0.2
-
cpe:2.3:a:fortinet:fortiproxy:2.0.3
-
cpe:2.3:a:fortinet:fortiproxy:2.0.4
-
cpe:2.3:a:fortinet:fortiproxy:2.0.5
-
cpe:2.3:a:fortinet:fortiproxy:2.0.6
-
cpe:2.3:a:fortinet:fortiproxy:2.0.7
-
cpe:2.3:a:fortinet:fortiproxy:2.0.8
-
cpe:2.3:a:fortinet:fortiproxy:2.0.9
-
cpe:2.3:a:fortinet:fortiproxy:7.0.0
-
cpe:2.3:a:fortinet:fortiproxy:7.0.1
-
cpe:2.3:a:fortinet:fortiproxy:7.0.2
-
cpe:2.3:a:fortinet:fortiproxy:7.0.3
-
cpe:2.3:a:fortinet:fortiproxy:7.0.4
-
cpe:2.3:a:fortinet:fortiproxy:7.0.5
-
cpe:2.3:a:fortinet:fortiproxy:7.0.6
-
cpe:2.3:a:fortinet:fortiproxy:7.0.7
-
cpe:2.3:a:fortinet:fortiproxy:7.2.0
-
cpe:2.3:a:fortinet:fortiproxy:7.2.1
-
cpe:2.3:o:fortinet:fortios:6.2.0
-
cpe:2.3:o:fortinet:fortios:6.2.1
-
cpe:2.3:o:fortinet:fortios:6.2.10
-
cpe:2.3:o:fortinet:fortios:6.2.11
-
cpe:2.3:o:fortinet:fortios:6.2.12
-
cpe:2.3:o:fortinet:fortios:6.2.13
-
cpe:2.3:o:fortinet:fortios:6.2.2
-
cpe:2.3:o:fortinet:fortios:6.2.3
-
cpe:2.3:o:fortinet:fortios:6.2.4
-
cpe:2.3:o:fortinet:fortios:6.2.5
-
cpe:2.3:o:fortinet:fortios:6.2.6
-
cpe:2.3:o:fortinet:fortios:6.2.7
-
cpe:2.3:o:fortinet:fortios:6.2.8
-
cpe:2.3:o:fortinet:fortios:6.2.9
-
cpe:2.3:o:fortinet:fortios:6.4.0
-
cpe:2.3:o:fortinet:fortios:6.4.1
-
cpe:2.3:o:fortinet:fortios:6.4.10
-
cpe:2.3:o:fortinet:fortios:6.4.11
-
cpe:2.3:o:fortinet:fortios:6.4.2
-
cpe:2.3:o:fortinet:fortios:6.4.3
-
cpe:2.3:o:fortinet:fortios:6.4.4
-
cpe:2.3:o:fortinet:fortios:6.4.5
-
cpe:2.3:o:fortinet:fortios:6.4.6
-
cpe:2.3:o:fortinet:fortios:6.4.7
-
cpe:2.3:o:fortinet:fortios:6.4.8
-
cpe:2.3:o:fortinet:fortios:6.4.9
-
cpe:2.3:o:fortinet:fortios:7.0.0
-
cpe:2.3:o:fortinet:fortios:7.0.1
-
cpe:2.3:o:fortinet:fortios:7.0.2
-
cpe:2.3:o:fortinet:fortios:7.0.3
-
cpe:2.3:o:fortinet:fortios:7.0.4
-
cpe:2.3:o:fortinet:fortios:7.0.5
-
cpe:2.3:o:fortinet:fortios:7.0.6
-
cpe:2.3:o:fortinet:fortios:7.0.7
-
cpe:2.3:o:fortinet:fortios:7.0.8
-
cpe:2.3:o:fortinet:fortios:7.0.9
-
cpe:2.3:o:fortinet:fortios:7.2.0
-
cpe:2.3:o:fortinet:fortios:7.2.1
-
cpe:2.3:o:fortinet:fortios:7.2.2
-
cpe:2.3:o:fortinet:fortios:7.2.3