CVE-2021-22130

Name of the Vulnerable Software and Affected Versions FortiProxy physical appliance CLI versions 1.0.0 through 1.0.7 FortiProxy physical appliance CLI versions 1.1.0 through 1.1.6 FortiProxy physical appliance CLI versions 1.2.0 through 1.2.9 FortiProxy physical appliance CLI versions 2.0.0 through 2.0.1

Description A stack-based buffer overflow issue may allow an authenticated, remote attacker to perform a Denial of Service attack by running the diagnose sys cpuset command with a large cpuset mask value. There is no known successful exploitation of this issue that would lead to code execution.

Recommendations For FortiProxy physical appliance CLI versions 1.0.0 through 1.0.7, avoid using the diagnose sys cpuset command with large cpuset mask values to minimize the risk of exploitation. For FortiProxy physical appliance CLI versions 1.1.0 through 1.1.6, avoid using the diagnose sys cpuset command with large cpuset mask values to minimize the risk of exploitation. For FortiProxy physical appliance CLI versions 1.2.0 through 1.2.9, avoid using the diagnose sys cpuset command with large cpuset mask values to minimize the risk of exploitation. For FortiProxy physical appliance CLI versions 2.0.0 through 2.0.1, avoid using the diagnose sys cpuset command with large cpuset mask values to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.