FortiGate fails to log traffic for Fortinet-owned IP address range
An insufficient logging vulnerability in FortiGate may allow traffic from an unauthenticated attacker to Fortinet-owned IP addresses to go unnoticed.
FortiGate versions 6.2.4 and below and FortiGate version 6.4.0 are affected.
Please upgrade to 6.4.1 or above, and add the dynamic firewall address "FCTEMS_ALL_FORTICLOUD_SERVERS", which includes all FortiGuard servers, to the policy to log the traffic for Fortinet IP addresses.
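To check a device against this advisory, the following added example (not Fortinet code) reads a FortiGate configuration backup, compares its version with the affected list above, and reports which firewall policies reference the address object with logging on. The function names, the `#config-version=` header layout of the constructed sample, and the reading of `set logtraffic all` as "logged" are assumptions.

```python
import re
import shlex

FIX_ADDR = "FCTEMS_ALL_FORTICLOUD_SERVERS"  # address object named in the advisory
# Constructed sample backup; header layout and policy values are assumptions.
SAMPLE = '''#config-version=FGT60E-6.4.0-FW-build0000-000000:opmode=0:vdom=0:user=admin
config firewall policy
    edit 1
        set dstaddr "all"
        set logtraffic all
    next
    edit 2
        set dstaddr "FCTEMS_ALL_FORTICLOUD_SERVERS"
        set logtraffic all
    next
end
'''

def is_affected(version):
    """True for the versions the advisory lists: 6.2.4 and below, or 6.4.0."""
    v = tuple(int(p) for p in version.split("."))
    return v <= (6, 2, 4) or v == (6, 4, 0)

def parse_policies(text):
    """Map policy id -> {setting: [values]} from 'config firewall policy'."""
    policies, current, depth = {}, None, 0
    for line in (raw.strip() for raw in text.splitlines()):
        if depth == 0:
            depth = 1 if line == "config firewall policy" else 0
        elif line.startswith("config "):
            depth += 1  # nested block: its settings are skipped
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            current = policies.setdefault(line.split()[1], {})
        elif depth == 1 and line == "next":
            current = None
        elif depth == 1 and current is not None and line.startswith("set "):
            key, *values = shlex.split(line[4:])
            current[key] = values
    return policies

def audit(text):
    """Report version status and the policies that log traffic to FIX_ADDR."""
    m = re.search(r"^#config-version=[^-]+-(\d+\.\d+\.\d+)-", text, re.M)
    version = m.group(1) if m else None
    logging = [pid for pid, p in parse_policies(text).items()
               if FIX_ADDR in p.get("dstaddr", []) and p.get("logtraffic") == ["all"]]
    return {"version": version, "affected": is_affected(version) if version else None, "logging_policies": logging}
```

For the constructed sample, `audit(SAMPLE)` reports version 6.4.0 as affected and policy 2 as the only policy that references the address object with logging enabled.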
Fortinet is pleased to thank Michael Weinstein from NetTects LLC for reporting this vulnerability under responsible disclosure.