FortiOS, FortiWeb, FortiProxy and FortiSwitch - Padding oracle in cookie encryption

Summary

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiOS, FortiWeb, FortiProxy and FortiSwitch may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter.

Affected Products

FortiOS versions 7.0.3 and below. FortiOS versions 6.4.8 and below, FortiOS 6.2 all versions FortiOS 6.0 all versions

FortiWeb 6.4 all versions FortiWeb versions 6.3.16 and below, FortiWeb 6.2 all versions FortiWeb 6.1 all versions FortiWeb 6.0 all versions

FortiProxy versions 7.0.1 and below, FortiProxy versions 2.0.7 and below, FortiProxy 1.2 all versions FortiProxy 1.1 all versions FortiProxy 1.0 all versions

FortiSwitch versions 7.0.3 and below, FortiSwitch versions 6.4.10 and below, FortiSwitch 6.2 all versions FortiSwitch 6.0 all versions

Solutions

Upgrade to FortiOS version 7.0.4 or above. Upgrade to FortiOS version 6.4.9 or above.

Upgrade to FortiWeb version 7.0.0 or above. upgrade to FortiWeb version 6.3.17 or above.

Upgrade to FortiProxy version 7.0.2 or above. Upgrade to FortiProxy version 2.0.8 or above.

Upgrade to FortiSwitch version 7.2.0 or above. Upgrade to FortiSwitch version 7.0.4 or above. Upgrade to FortiSwitch version 6.4.11 or above.

Acknowledgement

Internally discovered and reported by Giuseppe Cocomazzi of Fortinet Product Security team.