• Filter by Date
  • Filter by Risk
  • Filter by Affected Product

Refine
RESET


Filter by Date:
All
Filter by Risk Level:
All
Filter by Affected Product:
All

PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

FortiWLC PAM.log authenticated user information exposure
The pam.log file generated by FortiWLC contains authenticated users credentials (local admin and users authenticated again...
Sep 30, 2016 Risk IR Number: FG-IR-16-030 CVE-2016-7561
FortiWLC Undocumented Hardcoded Rsync Account
FortiWLC runs a rsyncd server, historically used for High-Availability purpose. This server comes with a hardcoded account...
Sep 30, 2016 Risk IR Number: FG-IR-16-029 CVE-2016-7560
FortiDDoS Command Injection Vulnerability Announcement
A vulnerability in FortiDDoS allows escalation of privilege via remote OS injection through crafted URLs sent to the GUI. ...
Sep 28, 2016 Risk IR Number: FG-IR-16-037
OpenSSL Advisory - May 2016
OpenSSL released an update in May 2016 to address two high and four low severity vulnerabilities.CVE-2016-2108; CVE-2016-2...
Sep 22, 2016 Risk IR Number: FG-IR-16-026 CVE-2016-2108
FortiClient Unencrypted Password Vulnerability
One of the processes in FortiClient stores VPN credentials unencrypted in memory. A malicious attacker who compromised the...
Sep 12, 2016 Risk IR Number: FG-IR-16-021
FortiWAN Multiple Vulnerabilities
FortWan 4.2.4 and below is exposed to cross site scripting, information leak and escalation of privilege vulnerabilities.C...
Sep 07, 2016 Risk IR Number: FG-IR-16-045 CVE-2016-4965