At a glance:
| IR Number | FG-IR-17-073 |
| Date | Aug 08, 2017 |
| Risk | 
|
| Impact | Information Disclosure |
| CVE ID | CVE-2017-3130 |
| CVRF | Download |
Refine Search
PSIRT Advisory
FortiOS IKE VendorID version information disclosure
Summary
The FortiOS IKE packets which include the Vendor ID embed the FortiOS build version number.
Impact
Information Disclosure
Affected Products
FortiOS 5.0.0 to 5.4.4 and 5.6.0 versions.
Solutions
Upgrade to FortiOS version 5.2.12, 5.4.5 or 5.6.1
Acknowledgement
Fortinet is pleased to thank independent researcher Alexis La Goutte for reporting this vulnerability under responsible disclosure.