{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-46667", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2024-09-11T12:14:59.204Z", "datePublished": "2025-01-14T14:09:58.844Z", "dateUpdated": "2025-02-18T21:37:18.364Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiSIEM", "cpes": [], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.1.0", "lessThanOrEqual": "7.1.5", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.3", "status": "affected"}, {"versionType": "semver", "version": "6.7.0", "lessThanOrEqual": "6.7.9", "status": "affected"}, {"versionType": "semver", "version": "6.6.0", "lessThanOrEqual": "6.6.5", "status": "affected"}, {"versionType": "semver", "version": "6.5.0", "lessThanOrEqual": "6.5.3", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.4", "status": "affected"}, {"versionType": "semver", "version": "6.3.0", "lessThanOrEqual": "6.3.3", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.1", "status": "affected"}, {"versionType": "semver", "version": "6.1.0", "lessThanOrEqual": "6.1.2", "status": "affected"}, {"version": "5.4.0", "status": "affected"}, {"versionType": "semver", "version": "5.3.0", "lessThanOrEqual": "5.3.3", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-01-14T14:09:58.844Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-770", "description": "Denial of service", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:W/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiSIEM version 7.2.0 or above \nPlease upgrade to FortiSIEM version 7.1.6 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-164", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-164"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-14T14:27:09.560945Z", "id": "CVE-2024-46667", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-18T21:37:18.364Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-46667", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-14T14:27:09.560945Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-14T14:28:07.561Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:W/RC:C", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"cpes": [], "vendor": "Fortinet", "product": "FortiSIEM", "versions": [{"status": "affected", "version": "7.1.0", "versionType": "semver", "lessThanOrEqual": "7.1.5"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.3"}, {"status": "affected", "version": "6.7.0", "versionType": "semver", "lessThanOrEqual": "6.7.9"}, {"status": "affected", "version": "6.6.0", "versionType": "semver", "lessThanOrEqual": "6.6.5"}, {"status": "affected", "version": "6.5.0", "versionType": "semver", "lessThanOrEqual": "6.5.3"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.4"}, {"status": "affected", "version": "6.3.0", "versionType": "semver", "lessThanOrEqual": "6.3.3"}, {"status": "affected", "version": "6.2.0", "versionType": "semver", "lessThanOrEqual": "6.2.1"}, {"status": "affected", "version": "6.1.0", "versionType": "semver", "lessThanOrEqual": "6.1.2"}, {"status": "affected", "version": "5.4.0"}, {"status": "affected", "version": "5.3.0", "versionType": "semver", "lessThanOrEqual": "5.3.3"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiSIEM version 7.2.0 or above \nPlease upgrade to FortiSIEM version 7.1.6 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-164", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-164"}], "descriptions": [{"lang": "en", "value": "A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "Denial of service"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-01-14T14:09:58.844Z"}}}, "cveMetadata": {"cveId": "CVE-2024-46667", "state": "PUBLISHED", "dateUpdated": "2025-02-18T21:37:18.364Z", "dateReserved": "2024-09-11T12:14:59.204Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2025-01-14T14:09:58.844Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0258A88-352D-4F9A-894D-F7442CAFE461", "versionEndIncluding": "5.3.3", "versionStartIncluding": "5.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "24480037-F5CE-4CCE-800D-8C707B7F36AF", "versionEndIncluding": "6.1.2", "versionStartIncluding": "6.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "3345EC56-9176-4463-A0B0-88267618383E", "versionEndIncluding": "6.2.1", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9FC4C46-F269-4635-80BE-BED292538FEF", "versionEndIncluding": "6.3.3", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "0320CE9C-6A73-44B9-90F5-B166E39D4EF6", "versionEndIncluding": "6.4.4", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "95BF2F4C-084C-4BA7-9135-C970504E5682", "versionEndIncluding": "6.5.3", "versionStartIncluding": "6.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "9BEF7191-7173-42FE-BEEE-0D956B1DCEE7", "versionEndIncluding": "6.6.5", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3BD3264-378E-407A-A964-68A5F5BF9C91", "versionEndIncluding": "6.7.9", "versionStartIncluding": "6.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E588953-625A-477F-832C-D18C34A6BC66", "versionEndIncluding": "7.0.3", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "matchCriteriaId": "18D56E3E-931D-45D0-A7F9-F039DB99AA8F", "versionEndExcluding": "7.1.6", "versionStartIncluding": "7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisiem:5.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "91E43A1B-D4C5-4FFF-9D3E-00140023921E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections."}, {"lang": "es", "value": "Una asignaci\u00f3n de recursos sin l\u00edmites ni limitaci\u00f3n en Fortinet FortiSIEM 5.3 todas las versiones, 5.4 todas las versiones, 6.x todas las versiones, 7.0 todas las versiones y 7.1.0 a 7.1.5 puede permitir que un atacante deniegue tr\u00e1fico TLS v\u00e1lido mediante el consumo de todas las conexiones asignadas."}], "id": "CVE-2024-46667", "lastModified": "2025-07-16T13:16:19.890", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2025-01-14T14:15:31.797", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-164"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "psirt@fortinet.com", "type": "Primary"}]}

{}