- Filter by Date
- 2018
- 5 05-2018
- 2018
- Filter by Severity
-
Filter by Affected Product
- All
- 3 FortiOS
- 0 FortiProxy
- 0 FortiManager
- 0 FortiAnalyzer
- 0 FortiWeb
- 0 FortiADC
- 0 FortiMail
- 0 FortiSandbox
- 0 FortiClientWindows
- 0 FortiPortal
- 0 FortiWAN
- 0 FortiAuthenticator
- 0 FortiNAC
- 0 FortiSIEM
- 0 FortiClientEMS
- 0 FortiWLC
- 0 FortiClientMac
- 0 FortiAP
- 0 FortiSOAR
- 0 FortiTester
- 0 FortiAP-W2
- 0 FortiSwitch
- 0 FortiWLM
- 0 FortiRecorder
- 0 FortiVoiceEnterprise
- 0 FortiAP-S
- 0 FortiDeceptor
- 0 AscenLink
- 0 FortiAP-U
- 0 FortiClientLinux
- 0 FortiDB
- 0 FortiDDoS
- 0 FortiEDR
- 0 FortiCache
- 0 FortiExtender
- 0 Meru AP
- 0 FortiADCManager
- 0 FortiIsolator
- 0 FortiSIEMWindowsAgent
- 0 FortiTokenAndroid
- 0 FortiTokenIOS
- 0 FortiWAN-Manager
- 0 FSSO Windows CA
- 0 FortiAP-C
- 0 FortiClientAndroid
- 0 FortiClientiOS
- 0 FortiDDoS-CM
- 0 FortiSwitchManager
- 0 FortiWebManager
- 0 Meru Controller
- 0 SSL_VPN
- 0 FSSO (all dist.)
- 0 FSSO Windows DC Agent
- 0 FortiAnalyzer-BigData
- 0 FortiCloud
- 0 FortiDDoS-F
- 0 FortiExplorer Windows
- 0 FortiFone
- 0 FortiGuard
- 0 FortiNDR
- 0 FortiOS-6K7K
- 0 FortiPresence
- 0 FortiSDNConnector
- 0 FortiTokenMobileWP
- 0 FortiVoice
All
Refine Search
PSIRT Advisories
Monthly PSIRT Advisories
- 2023: May , Apr , Mar , Feb , Jan
- 2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
- 2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
- 2020: Dec
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
On FortiAuthenticator, a HTML page is returned to the user when the CSRF validation fails on referer mismatch. This page d...
May 29, 2018
Severity
Low
IR Number: FG-IR-18-059
CVE-2018-9186
Low
IR Number: FG-IR-18-059
CVE-2018-9186
A SSL VPN user logged in via the web portal can access internal FortiOS configuration information (eg: addresses) via spec...
FortiOS
5.6.2, 5.6.1, 5.6.0, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0
May 18, 2018
Severity
Informational
IR Number: FG-IR-17-231
CVE-2017-14185
An admin user with super_admin privileges can execute an arbitrary binary contained on an USB drive plugged to a FortiGate...
FortiOS
5.6.2, 5.6.1, 5.6.0, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0
May 18, 2018
Severity
Medium
IR Number: FG-IR-17-245
CVE-2017-14187
US-Cert published a document at https://www.us-cert.gov/ncas/alerts/TA17-075A which outlines some security flaws that may ...
FortiWLC included two hardcoded accounts which were used by Meru Access Points to report core dumps; these accounts had re...
May 04, 2018
Severity
Critical
IR Number: FG-IR-17-274
CVE-2017-17539
Critical
IR Number: FG-IR-17-274
CVE-2017-17539