PSIRT Advisories
Monthly PSIRT Advisories
- 2022: May , Apr , Mar , Feb
- 2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
- 2020: Dec
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
Installing Forticlient SSLVPN Linux client build 2312 and lower in a home directory that is world readable-executable yiel...
Jul 24, 2015
Severity
Medium
IR Number: FG-IR-15-017
CVE-2015-7362
The Web User Interface of FortiSandbox version 2.0.4 and below is vulnerable to multiple reflected Cross-Site Scripting vu...
Jul 24, 2015
Severity
Medium
IR Number: FG-IR-15-019
CVE-2015-7360
A remote attacker may access the internal ZebOS shell of FortiOS 5.2.3 without authentication on the HA ("High Availabilit...
Jul 24, 2015
Severity
Critical
IR Number: FG-IR-15-020
CVE-2015-7361
When connecting to a FortiGuard server via TLS, FortiOS 5.2.3/5.0.11 and below is supporting multiple weak ciphers includi...
Jul 24, 2015
Severity
Low
IR Number: FG-IR-15-021
CVE-2015-2323
The SSL-VPN feature of FortiOS 4.3.12 and lower only checks the first byte of the TLS MAC in the finished message.
An atta...
Jul 15, 2015
Severity
Informational
IR Number: FG-IR-15-016
OpenSSL released a security advisory in July 2015 to announce a high severity
vulnerability affecting any application that...
Jul 09, 2015
Severity
High
IR Number: FG-IR-15-015
CVE-2015-1793