FortiOS.SSL.VPN.Web.Portal.Pathname.Information.Disclosure

Description

This indicates an attack attempt to exploit an Information Disclosure Vulnerability in FortiOS.
The vulnerability is due to an error in the vulnerable application when handling a malicious request. An unauthenticated attacker can exploit this to access sensitive information on the affected machine via a crafted request.

Outbreak Alert

A recent high-profile exploit involving the Kaseya VSA product was linked to the REvil ransomware. This report summarizes the Fortinet Security Fabric coverage for the REvil ransomware itself. Refer to the separate report for more detail about the Kaseya vulnerability.


Affected Products

FortiOS 5.6.3 to 5.6.7 with SSL VPN Service enabled
FortiOS 6.0.0 to 6.0.4 with SSL VPN Service enabled

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Refer to the vendor's advisory for updates:
https://fortiguard.com/psirt/FG-IR-18-384

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

| Date | Version | Status | Detail |
|---|---|---|---|
| 2021-06-14 | 18.097 | Modified | Sig Added |
| 2019-11-13 | 14.723 | Modified | Default_action:pass:drop |
| 2019-08-27 | 14.677 | New | |

References

FG-IR-18-384