PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fo...

FortiSOAR 7.2.0, 7.0.2, 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.1
Sep 06, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-22-156 CVE-2022-29061
Multiple relative path traversal vulnerabilities [CWE-23] in the web API of FortiSOAR may allow an authenticated attacker ...

FortiSOAR 7.2.0, 7.0.2, 7.0.1, 7.0.0
Sep 06, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-22-154 CVE-2022-29062
An improper privilege management vulnerability [CWE-269] in FortiSOAR may allow a GUI user who has already found a way to ...

FortiSOAR 7.2.0, 7.0.2, 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.1, 6.4.0
Sep 06, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-22-152 CVE-2022-30298
An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in FortiSOAR management ...

FortiSOAR 7.2.0, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.1, 6.4.0
Sep 06, 2022 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-22-306 CVE-2022-35847