PSIRT Advisories

FortiOS -- Telnet on the SSL-VPN interface results in information leak

Summary

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiOS SSL-VPN may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS.

Affected Products

FortiOS version 7.2.0
FortiOS version 7.0.0 through 7.0.6
FortiOS version 6.4.0 through 6.4.9

Solutions

Please upgrade to FortiOS version 7.2.2 or above
Please upgrade to FortiOS version 7.0.7 or above
Please upgrade to FortiOS version 6.4.10 or above
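The version ranges above are what a vulnerability-management team has to match against a device inventory. The following is an added example, not part of the Fortinet advisory: it encodes the advisory's affected ranges and fixed releases and reports, for a FortiOS version string, whether it is affected and which release to upgrade to. Function names, the inventory dictionary and the version strings in it are constructed for this example.

```python
# Added example (not from the advisory). Affected ranges and fixed releases
# are copied from the advisory text; everything else is constructed.
from typing import Optional, Tuple

# (first affected, last affected, first fixed) for each branch the advisory lists.
# Branches the advisory does not mention (e.g. 6.2.x, 7.2.1) are reported as
# "not affected" because the advisory says nothing about them.
AFFECTED_RANGES = [
    ((7, 2, 0), (7, 2, 0), (7, 2, 2)),
    ((7, 0, 0), (7, 0, 6), (7, 0, 7)),
    ((6, 4, 0), (6, 4, 9), (6, 4, 10)),
]


def parse_version(text: str) -> Tuple[int, ...]:
    """Parse 'v7.0.6', '7.0.6' or '7.0.6 build2092' into (major, minor, patch)."""
    token = text.strip().lower().lstrip("v").split()[0]
    parts = token.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiOS version: {text!r}")
    return tuple(int(p) for p in parts)


def fixed_version_for(version: str) -> Optional[str]:
    """Return the first fixed release for an affected version, or None if not affected."""
    v = parse_version(version)
    for first, last, fixed in AFFECTED_RANGES:
        if first <= v <= last:  # tuple comparison orders (major, minor, patch) correctly
            return ".".join(str(n) for n in fixed)
    return None


def is_affected(version: str) -> bool:
    return fixed_version_for(version) is not None


if __name__ == "__main__":
    # Constructed sample inventory: hostname -> version string as reported by the device.
    inventory = {
        "fw-edge-01": "v7.0.6",
        "fw-edge-02": "7.0.7",
        "fw-dc-01": "6.4.3 build2092",
        "fw-lab": "7.2.2",
    }
    for host, ver in inventory.items():
        fix = fixed_version_for(ver)
        print(f"{host}: {ver} -> {'upgrade to ' + fix if fix else 'not affected'}")
```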

Workaround

  • Reboot FortiOS or kill the SSL-VPN process or disable DTLS settings [if enabled]