FortiOS 6.0.0 to 6.0.4
FortiOS 5.6.0 to 5.6.10
FortiOS 5.4.0 to 5.4.12
FortiOS 5.2.0 to 5.2.14
Branch lower than 5.2 not been assessed.
Upgrade to FortiOS 5.2.15, 5.4.13, 5.6.11, 6.0.5 or 6.2.0 and above. Workarounds: One of the following workarounds can be applied: * Use SSL VPN tunnel-mode only. * Only access trusted HTTP web servers under SSL VPN web-mode * Totally disable the SSL-VPN service by applying the following CLI commands: config vpn ssl settings unset source-interface end Revision History: 2019-04-02 Initial Version 2019-05-15 Add fix on 6.0 branch 2019-07-11 Risk adjusted to High; Workaround updated. 2019-08-21 Add fix on 5.6 branch 2019-11-26 Add fix on 5.4 and 5.2 branch