FortiOS SSL Deep Inspection TLS Padding Oracle Vulnerabilities
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-19-145
Final
1
1
2020-02-25T00:00:00
Current version
2020-02-25T00:00:00
2020-02-25T00:00:00
Multiple padding Oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS when configured with SSL Deep Inspection policies and with the IPS sensor enabled may allow an attacker to decipher TLS connections going through the FortiGate by monitoring the traffic (should he/she be able to).
Information Disclosure
FortiOS when using the following IPS Engine versions: IPS Engine version 5.00000 to 5.00006 IPS Engine version 4.00000 to 4.00036 IPS Engine version 4.00200 to 4.00219 IPS Engine version 3.00547 and below
Update to IPS engine 3.00548, 4.00037, 5.00007 or above. Specifically: IPS Engine 3.00548 (or above) for the FortiOS 5.6 branch and branches below IPS Engine 4.00037 (or above) for the ForitOS 6.0 branch IPS Engine 5.00007 (or above) for the FortiOS 6.2 branch An IPS Engine that includes the fix is built-in FortiOS 5.6.11, 6.0.9 and 6.2.1, and versions above in those respective branches. To check for the FortiOS IPS engine version: * From the admin CLI console: run command "diag autoupdate versions" IPS Attack Engine Version: x.xxxxx * From the admin webUI: System->FortiGuard->IPS Engine->Version x.xxxxx For the IPS engine and FortiOS version compatibility chart, please refer the following link: https://pub.kb.fortinet.com/ksmcontent/Fortinet-Public/current/FortiGate_6_0/fortios-fortiaps-ips-av-compatibility.pdf Revision History: 07-23-2019 Initial version 02-25-2020 Added FortiOS versions with built-in IPS Engines.
FortiOS SSL Deep Inspection TLS Padding Oracle Vulnerabilities
CVE-2019-5592
4.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:X
https://fortiguard.fortinet.com/psirt/FG-IR-19-145
FortiOS SSL Deep Inspection TLS Padding Oracle Vulnerabilities
Reference>