PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

FortiOS SSL VPN webportal user credentials present in plain text in client side javascript file

An information disclosure vulnerability exists in the SSL-VPN web portal of FortiOS: when pages bookmarked in the web portal use...

Jun 22, 2018 Risk

IR Number: FG-IR-18-027

OpenRedirect in Malicious Generated PDF Document on FortiAnalyzer and FortiManager

An open redirect vulnerability exists in FortiAnalyzer and FortiManager when a user of the GUI is converting an HTML table to...

Jun 22, 2018 Risk

IR Number: FG-IR-18-022

FortiAnalyzer and FortiManager admin user avatar setting improper access control

An improper access control vulnerability exists in FortiAnalyzer and FortiManager, whereby a regular user of the GUI can edit...

Jun 22, 2018 Risk

IR Number: FG-IR-18-014

FortiManager XSS vulnerability when view config under Revision History

A potential Cross-site Scripting (XSS) vulnerability exists in FortiManager: Displayed data is not sanitized when an administrator...

Jun 22, 2018 Risk

IR Number: FG-IR-18-006

ISC BIND vulnerabilities

Multiple Denial of Service (DoS) or process crash vulnerabilities (CVE-2018-5737, CVE-2018-5736) are affecting ISC BIND.

Jun 05, 2018 Risk

IR Number: FG-IR-18-112

Refine RESET

PSIRT Advisories

Refine
RESET