FortiAnalyzer & FortiManager - Server side request forgery on fortiview top threats report generation feature.

Summary

A server-side request forgery vulnerability [CWE-918] in FortiAnalyzer and FortiManager may allow a remote attacker with low privileges to view sensitive data from internal servers or perform a local port scan via a crafted HTTP request.

Version Affected Solution
FortiAnalyzer 7.4 7.4.0 Upgrade to 7.4.1 or above
FortiAnalyzer 7.2 7.2.0 through 7.2.3 Upgrade to 7.2.4 or above
FortiAnalyzer 7.0 7.0.2 through 7.0.8 Upgrade to 7.0.9 or above
FortiAnalyzer 6.4 6.4.8 through 6.4.14 Migrate to a fixed release
FortiManager 7.4 7.4.0 Upgrade to 7.4.1 or above
FortiManager 7.2 7.2.0 through 7.2.3 Upgrade to 7.2.4 or above
FortiManager 7.0 7.0.0 through 7.0.8 Upgrade to 7.0.9 or above

Acknowledgement

Fortinet is pleased to thank security researchers Mickael Dorigny at Orange Cyberdéfense, Frédéric Prevost, François-Xavier Picard and Orange CERT-CC at Orange group for discovering and reporting this vulnerability under responsible disclosure.

Timeline

2023-10-10: Initial publication