An improper following of a certificate's chain of trust vulnerability in FortiGate SSL-VPN may allow an LDAP user to connect to VPN with any certificate that is signed by a trusted Certificate Authority.
Affected ProductsFortiGate version 6.4.2Â to 6.4.4.Â Â
FortiGate versions 5.6.x, 6.0.x and 6.2.x, 6.4.0 and 6.4.1 are NOT impacted by this vulnerability.
Please upgrade to FortiGate Version 6.4.5 or above.
Please upgrade to FortiGate Version 7.0.0.