PSIRT Advisories

FortiManager & FortiAnalyzer - Improper validation of dispatcher socket parameters

Summary

A server-side request forgery (SSRF) (CWE-918) vulnerability in FortiManager and FortiAnalyser GUI may allow a remote and authenticated attacker to access unauthorized  files and services on the system via specifically crafted web requests.

Affected Products

FortiManager versions 7.0.0
FortiManager versions 6.4.5 and below.
FortiManager versions 6.2.7 and below.
FortiManager versions 6.0.x
FortiManager versions 5.6.x

FortiAnalyzer versions 7.0.0
FortiAnalyzer versions 6.4.5 and below.
FortiAnalyzer versions 6.2.7 and below.
FortiAnalyzer versions 6.0.x
FortiAnalyzer versions 5.6.x

Solutions

Please upgrade to FortiManager 7.0.1 or above.

Please upgrade to FortiManager 6.4.6 or above.

Please upgrade to FortiManager 6.2.8 or above.

 

Please upgrade to FortiAnalyzer 7.0.1 or above.

Please upgrade to FortiAnalyzer 6.4.6 or above.

Please upgrade to FortiAnalyzer 6.2.8 or above.

Acknowledgement

Fortinet is pleased to thank Clément Amic, Pierre Milioni and Adrien Peter from Synacktiv for reporting this vulnerability under responsible disclosure.