{"containers":{"cna":{"affected":[{"product":"Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy","vendor":"Fortinet","versions":[{"status":"affected","version":"FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below"}]}],"descriptions":[{"lang":"en","value":"An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","exploitCodeMaturity":"FUNCTIONAL","integrityImpact":"NONE","privilegesRequired":"NONE","remediationLevel":"UNAVAILABLE","reportConfidence":"CONFIRMED","scope":"UNCHANGED","temporalScore":4.2,"temporalSeverity":"MEDIUM","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:U/RC:C","version":"3.1"}}],"problemTypes":[{"descriptions":[{"description":"Denial of service","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-07-18T16:35:20.000Z","orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://fortiguard.com/psirt/FG-IR-21-155"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@fortinet.com","ID":"CVE-2021-42755","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy","version":{"version_data":[{"version_value":"FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below"}]}}]},"vendor_name":"Fortinet"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service."}]},"impact":{"cvss":{"attackComplexity":"Low","attackVector":"Adjacent","availabilityImpact":"Low","baseScore":4.2,"baseSeverity":"Medium","confidentialityImpact":"None","integrityImpact":"None","privilegesRequired":"None","scope":"Unchanged","userInteraction":"None","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:U/RC:C","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Denial of service"}]}]},"references":{"reference_data":[{"name":"https://fortiguard.com/psirt/FG-IR-21-155","refsource":"CONFIRM","url":"https://fortiguard.com/psirt/FG-IR-21-155"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T03:38:50.211Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://fortiguard.com/psirt/FG-IR-21-155"}]}]},"cveMetadata":{"assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","assignerShortName":"fortinet","cveId":"CVE-2021-42755","datePublished":"2022-07-18T16:35:20.000Z","dateReserved":"2021-10-20T00:00:00.000Z","dateUpdated":"2024-08-04T03:38:50.211Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}