PSIRT Advisory
Firewall information leak to regular SSL VPN web portal users
Summary
An SSL VPN user logged in via the web portal can access internal FortiOS configuration information (e.g. addresses) via specially crafted URLs.
Impact
Information Disclosure
Affected Products
FortiOS 5.6.0 to 5.6.2
FortiOS 5.4.0 to 5.4.8
FortiOS 5.2 branch all versions
Solutions
Upgrade to FortiOS 5.6.3 or 5.4.9 or newer versions.
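The affected ranges and fixed releases listed above can be checked against a firmware inventory. The following is an added example, not Fortinet code: the function names, the status labels and the sample inventory (host names, version strings) are constructed for illustration.

```python
import re

# Affected branches from this advisory: branch -> (last affected patch, fix).
# None as the last patch means every release in the branch is affected.
AFFECTED = {
    (5, 6): (2, "5.6.3 or newer"),
    (5, 4): (8, "5.4.9 or newer"),
    (5, 2): (None, "5.4.9, 5.6.3 or newer"),
}

VERSION_RE = re.compile(r"v?(\d+)\.(\d+)(?:\.(\d+))?")


def triage(firmware):
    """Return (status, detail) for one firmware string from an inventory."""
    m = VERSION_RE.search(firmware)
    if not m:
        return ("unparsed", "no version found")
    major, minor = int(m.group(1)), int(m.group(2))
    patch = int(m.group(3)) if m.group(3) is not None else None
    if (major, minor) not in AFFECTED:
        return ("not-listed", "branch not named in the advisory")
    last_bad, fix = AFFECTED[(major, minor)]
    if last_bad is None:
        return ("affected", "upgrade to " + fix)
    if patch is None:
        # "5.4" alone cannot be placed inside or outside 5.4.0 to 5.4.8.
        return ("unparsed", "patch level needed for this branch")
    if patch <= last_bad:
        return ("affected", "upgrade to " + fix)
    return ("not-listed", "at or above the fixed release")


def triage_inventory(inventory):
    """Map each host to its triage result."""
    return {host: triage(fw) for host, fw in inventory.items()}


# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE = {
    "fw-branch-01": "v5.6.2",
    "fw-branch-02": "5.4.9",
    "fw-dc-01": "FortiOS 5.2",
    "fw-lab-01": "5.4",
}

if __name__ == "__main__":
    for host, (status, detail) in sorted(triage_inventory(SAMPLE).items()):
        print(f"{host}: {status} ({detail})")
```
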
Acknowledgement
Fortinet is pleased to thank Fox-IT (https://www.fox-it.com) for reporting this vulnerability under responsible disclosure.