CVE-2024-46667

📊 7.5 HIGH⚡ 0.2%🎯 0 exploits

📅 Published Jan 14, 2025

📋 Status: Analyzed

A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections.

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

11 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	fortinet	fortisiem	≥ 5.3.0 ∧ ≤ 5.3.3	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 6.1.0 ∧ ≤ 6.1.2	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 6.2.0 ∧ ≤ 6.2.1	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 6.3.0 ∧ ≤ 6.3.3	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 6.4.0 ∧ ≤ 6.4.4	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 6.5.0 ∧ ≤ 6.5.3	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 6.6.0 ∧ ≤ 6.6.5	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 6.7.0 ∧ ≤ 6.7.9	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 7.0.0 ∧ ≤ 7.0.3	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	≥ 7.1.0 ∧ < 7.1.6	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::
📱App	fortinet	fortisiem	5.4.0	Vulnerable	cpe:2.3:a:fortinet:fortisiem:5.4.0:::::::*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 5.3.0 ∧ ≤ 5.3.3

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 6.1.0 ∧ ≤ 6.1.2

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 6.2.0 ∧ ≤ 6.2.1

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 6.3.0 ∧ ≤ 6.3.3

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 6.4.0 ∧ ≤ 6.4.4

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 6.5.0 ∧ ≤ 6.5.3

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 6.6.0 ∧ ≤ 6.6.5

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 6.7.0 ∧ ≤ 6.7.9

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 7.0.0 ∧ ≤ 7.0.3

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 7.1.0 ∧ < 7.1.6

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

📱

fortinet / fortisiem

Application

Vulnerable

Version: 5.4.0

CPE:

cpe:2.3:a:fortinet:fortisiem:5.4.0:*:*:*:*:*:*:*

11 products•scroll for more

Metrics

7.5 HIGHCVSS v3.1[email protected]

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector:

NETWORK

Complexity:

LOW

Privileges:

NONE

User Interaction:

NONE

Confidentiality:

NONE

Integrity:

NONE

Availability:

HIGH

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

7.5 (HIGH)v3.1

Source: [email protected]

EPSS Details

0.2% (Minimal)42.8th percentile

Last updated: Oct 31, 2025

Exploitation probability within 30 days

Published Date

Jan 14, 2025 (9 months ago)

Last Modified

Jul 16, 2025 (3 months ago)

Security Weaknesses1

CWE-770

References2

NVDgeneral