PSIRT Advisories

FortiManager - ADOMs script information leaked in FortiGate CLI

Summary

An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager may allow a FortiGate user to see scripts from other ADOMS.

Affected Products

FortiManager version 7.0.1 and below.
FortiManager version 6.4.6 and below.
FortiManager version 6.2.x.
FortiManager version 6.0.x.
FortiManager version 5.6.x.

Solutions

Please upgrade to FortiManager version 7.0.2 or above.
Please upgrade to FortiManager version 6.4.7 or above.