CVE-2017-3130 FortiGate IKE VendorID version info disclosure Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-17-073 Final 1 1 2017-08-11T00:00:00 Current version 2017-08-11T00:00:00 2017-08-11T00:00:00 The FortiOS IKE packets which include the Vendor ID embed the FortiOS build version number. Information disclosure FortiOS 5.2.0 -> 5.2.11FortiOS 5.4.0 -> 5.4.4FortiOS 5.6.0 FortiOS 5.2 branch, upgrade to 5.2.11 or newer versions. FortiOS 5.4 branch, upgrade to 5.4.5 or newer versions. FortiOS 5.6 branch, upgrade to 5.6.1 or newer versions. Fortinet is pleased to thank independent researcher Alexis La Goutte for reporting this vulnerability under responsible disclosure. CVE-2017-3130 4.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:X https://fortiguard.fortinet.com/psirt/FG-IR-17-073 CVE-2017-3130 FortiGate IKE VendorID version info disclosure Reference>