Missing certificate CN/SAN validation leads to information disclosure
Summary
An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS may allow a FortiGate to establish a TLS (LDAPS) connection to a malicious LDAP server when an LDAP server test or connection is initiated via options in the GUI: the certificate presented by the server is not checked for a CN/SAN match against the configured LDAP server, so a server presenting a certificate issued for a different host is accepted. This may lead to disclosure of sensitive information, such as the AD credentials used to bind to the LDAP server.
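As an added example (not Fortinet's code, and not how FortiOS implements its LDAP client), the following Python shows the check that is missing in the affected versions: after the certificate chain has been validated, the server certificate's subjectAltName (falling back to the CN only when no dNSName SAN is present) must match the LDAP server name the administrator configured, otherwise the client must not send its bind credentials. The certificate dictionaries are constructed for this example in the shape `ssl.SSLSocket.getpeercert()` returns; `make_ldaps_context` and `should_send_bind_credentials` are hypothetical helpers that contrast the vulnerable and the corrected behaviour.

```python
"""
Hostname (CN/SAN) verification for an LDAPS client, as an added example.

Chain validation alone is not enough: a certificate that chains to a trusted
CA but was issued for some other host must be rejected, or the client will
hand its LDAP bind credentials to whoever controls that host.
"""
import ipaddress
import ssl

# Constructed sample certificates (not real), in the dict shape returned by
# ssl.SSLSocket.getpeercert() for the legitimate and for a rogue LDAPS server.
LEGIT_CERT = {
    "subject": ((("commonName", "ldap.corp.example"),),),
    "subjectAltName": (
        ("DNS", "ldap.corp.example"),
        ("DNS", "*.corp.example"),
        ("IP Address", "10.0.0.5"),
    ),
}
# Validly signed by a CA the client trusts, but issued for the attacker's host.
# The CN repeats the victim's name; with dNSName SANs present the CN is ignored.
ROGUE_CERT = {
    "subject": ((("commonName", "ldap.corp.example"),),),
    "subjectAltName": (("DNS", "attacker.example"),),
}
# Legacy certificate without any SAN extension: CN is the only name available.
LEGACY_CN_ONLY_CERT = {
    "subject": ((("commonName", "ldap.corp.example"),),),
}


def _dns_match(pattern: str, hostname: str) -> bool:
    """RFC 6125 style match: case-insensitive, a wildcard is allowed only as
    the entire leftmost label, and it never matches across a label boundary."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    # Reject partial wildcards (f*o.example), wildcards in other labels, *.tld
    if p_labels[0] != "*" or "*" in pattern[1:] or len(p_labels) < 3:
        return False
    return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]


def verify_peer_hostname(cert: dict, hostname: str) -> bool:
    """True only if `hostname` is covered by a dNSName/iPAddress SAN, or by
    the CN when the certificate carries no dNSName SAN at all."""
    san = cert.get("subjectAltName", ())
    dns_names = [v for k, v in san if k == "DNS"]
    ip_names = [v for k, v in san if k == "IP Address"]

    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP literal must match an iPAddress SAN exactly, never the CN.
        return any(ipaddress.ip_address(v) == ip for v in ip_names)

    if dns_names:
        return any(_dns_match(p, hostname) for p in dns_names)
    cn_values = [v for rdn in cert.get("subject", ()) for k, v in rdn
                 if k == "commonName"]
    return any(_dns_match(p, hostname) for p in cn_values)


def make_ldaps_context(verify_hostname: bool) -> ssl.SSLContext:
    """Client TLS context. verify_hostname=False reproduces the vulnerable
    pattern: the chain is checked, the peer name is not (hypothetical helper)."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = verify_hostname
    return ctx


def should_send_bind_credentials(cert: dict, configured_server: str,
                                 verify_hostname: bool) -> bool:
    """Decision taken after the handshake (chain already validated by the
    context). Without the hostname check, the bind credentials go to any
    server that can present a CA-signed certificate (hypothetical helper)."""
    if not verify_hostname:
        return True
    return verify_peer_hostname(cert, configured_server)


if __name__ == "__main__":
    for label, cert in (("legit", LEGIT_CERT), ("rogue", ROGUE_CERT)):
        for mode in (False, True):
            sent = should_send_bind_credentials(cert, "ldap.corp.example", mode)
            print(f"{label:5s} hostname_check={mode!s:5s} send_credentials={sent}")
```

With `verify_hostname=False` the rogue certificate is accepted and the credentials are sent; with the check enabled only the legitimate certificate (exact name, in-scope wildcard, or matching iPAddress SAN) passes. In a real client the equivalent fix is simply to keep `check_hostname=True` on the context, which makes the TLS library perform this matching for you; the hand-written matcher is shown so the rule itself is visible.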
Affected Products
FortiGate version 7.0.1 and below.
FortiGate version 6.4.6 and below.
FortiGate version 6.2.9 and below.
Solutions
Please upgrade to FortiGate version 7.0.2 or above.
Please upgrade to FortiGate version 6.4.7 or above.
Please upgrade to FortiGate version 6.2.10 or above.
Acknowledgement
Fortinet is pleased to thank John Headley from VPLS for reporting this vulnerability under responsible disclosure.
Timeline
2021-11-02: Initial publication