Vulnerability Description
The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages.
CVSS Score
7.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | FortiOS | 5.0.7 |
References
- http://seclists.org/fulldisclosure/2015/Jan/125
- http://secunia.com/advisories/61661
- http://www.fortiguard.com/advisory/FG-IR-15-002/ (Vendor Advisory)
- http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Mul
- http://www.securityfocus.com/bid/72383
FAQ
What is CVE-2015-1452?
CVE-2015-1452 is a vulnerability with a CVSS score of 7.8 (HIGH). The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller)...
How severe is CVE-2015-1452?
CVE-2015-1452 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2015-1452?
Check the references section above for vendor advisories and patch information. Affected products include: Fortinet FortiOS.