CVE-2024-46667: 
FortiSIEM vulnerability analysis and mitigation

A resource allocation vulnerability (CVE-2024-46667) was discovered in Fortinet FortiSIEM affecting versions 5.3, 5.4, 6.x, 7.0, and 7.1.0 through 7.1.5. The vulnerability is related to allocation of resources without limits or throttling in the TLS-SYSLOG handler component. This vulnerability was initially disclosed on January 14, 2025, and was reported by James Reno from Nuspire under responsible disclosure (Fortinet PSIRT).

The vulnerability is classified as CWE-770 (Allocation of Resources Without Limits or Throttling) in FortiSIEM's TLS-SYSLOG component. It received a CVSS v3.1 base score of 7.5 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating network accessibility, low attack complexity, and no required privileges or user interaction (NVD).

The vulnerability allows an attacker to deny valid TLS traffic by consuming all allotted connections, potentially leading to a denial of service condition (Fortinet PSIRT).

Fortinet has released version 7.1.6 as a fix for affected systems. Users running FortiSIEM 7.1.0 through 7.1.5 should upgrade to version 7.1.6 or above. For all other affected versions (5.3, 5.4, and 6.x series), users are advised to migrate to a fixed release. Versions 7.2 and 7.3 are not affected by this vulnerability (Fortinet PSIRT).