Access of Uninitialized Pointer

CVE-2022-29055

High

7.5/10

Summary

A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-824 - Access of Uninitialized Pointer

The program accesses or uses a pointer that has not been initialized.

References

Advisory Timeline

Published Oct 18, 2022

Access of Uninitialized Pointer

CVE-2022-29055

Summary

CWE-824 - Access of Uninitialized Pointer

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS