PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT issue with Fortinet, see the Fortinet PSIRT Policy.

FG-IR-17-262 / CVE-2017-14190 (Jan 22, 2018, Severity: Low)
The FortiOS web proxy disclaimer page is potentially vulnerable to an XSS attack, via maliciously crafted "Host" headers i...
Affected: FortiOS 5.6.2, 5.6.1, 5.6.0, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0

FG-IR-17-172 / CVE-2017-7738 (Dec 08, 2017, Severity: Medium)
An admin user with super_admin privileges (i.e. with a super_admin profile) may view the current sslvpn web portal session...
Affected: FortiOS 5.6.2, 5.6.1, 5.6.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0

FG-IR-17-168 / CVE-2017-7739 (Nov 03, 2017, Severity: Medium)
A reflected XSS vulnerability exists in FortiOS web proxy disclaimer response web pages, potentially exploitable by an un...
Affected: FortiOS 5.6.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.11, 5.2.10, 5.2.1, 5.2.0

FG-IR-17-137 / CVE-2009-3555 (Nov 03, 2017, Severity: Medium)
FortiOS SSL Deep-Inspection may enable insecure renegotiation between TLS clients and servers that support secure renegoti...
Affected: FortiOS 5.6.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0

FG-IR-17-073 / CVE-2017-3130 (Aug 11, 2017, Severity: Informational)
The FortiOS IKE packets which include the Vendor ID embed the FortiOS build version number.
Affected: FortiOS 5.6.0, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.11, 5.2.10, 5.2.1, 5.2.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.14, 5.0.13, 5.0.12, 5.0.11, 5.0.10, 5.0.1, 5.0.0

FG-IR-17-057 / CVE-2017-3128 (May 17, 2017, Severity: Low)
FortiOS is subject to a Cross-Site Scripting vulnerability, due to an improperly sanitized parameter in a hidden CLI conf...
Affected: FortiOS 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.10, 5.2.1, 5.2.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.14, 5.0.13, 5.0.12, 5.0.11, 5.0.10, 5.0.1, 5.0.0

FG-IR-17-017 / CVE-2017-3127 (Apr 19, 2017, Severity: Low)
An XSS vulnerability caused by the scrintf parameter input during Firewall Policy Creation can be exploited to load and ru...
Affected: FortiOS 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.10, 5.2.1, 5.2.0

FG-IR-16-050 / CVE-2016-7542 (Dec 02, 2016, Severity: Medium)
A read-only administrator may have access to read-write administrators password hashes (not including super-admins) stored...
Affected: FortiOS 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.10, 5.2.1, 5.2.0

FG-IR-16-088 / CVE-2016-7541 (Nov 22, 2016, Severity: Medium)
A FortiGate configured to use flow-based protection will stop monitoring network sessions that are active when a scanning ...
Affected: FortiOS 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.14, 5.0.13, 5.0.12, 5.0.11, 5.0.10, 5.0.1, 5.0.0
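The affected-version lists above are sorted as strings, which is why "5.2.15" appears between "5.2.2" and "5.2.14" and before "5.2.1". Anyone scripting a check of a FortiGate's firmware against these advisories must therefore compare versions numerically, not lexicographically. The following is an added example (not Fortinet PSIRT code) that parses two of the lists exactly as printed on this page (FG-IR-17-137 and FG-IR-16-050), collapses each into the lowest and highest listed release per major.minor branch, and answers whether a given version is listed as affected. It deliberately makes no claim about versions that are absent from a list (for example 5.6.1 for FG-IR-17-137); the advisory text, not this script, states which releases carry the fix.

```python
"""Check a FortiOS version against an advisory's affected-version list.

Added example, not Fortinet PSIRT code. The advisory strings are copied
from the listing above; they are sorted as strings there, so every
comparison in this module is done on integer tuples.
"""
from typing import Dict, List, Tuple

Version = Tuple[int, ...]
Branch = Tuple[int, int]

# Affected-version lines as printed on the page (constructed sample input).
ADVISORIES: Dict[str, str] = {
    # CVE-2009-3555: SSL Deep-Inspection may permit insecure TLS renegotiation
    "FG-IR-17-137": (
        "FortiOS 5.6.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, "
        "5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0"
    ),
    # CVE-2016-7542: read-only admin may read read-write admin password hashes
    "FG-IR-16-050": (
        "FortiOS 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, "
        "5.2.2, 5.2.10, 5.2.1, 5.2.0"
    ),
}


def parse_version(text: str) -> Version:
    """'5.2.15' -> (5, 2, 15). Rejects anything that is not dotted integers."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def parse_affected(line: str) -> List[Version]:
    """Turn 'FortiOS 5.6.0, 5.4.5, ...' into numerically sorted tuples."""
    body = line.split(None, 1)[1] if line.lower().startswith("fortios") else line
    return sorted(parse_version(v) for v in body.split(","))


def affected_ranges(versions: List[Version]) -> Dict[Branch, Tuple[Version, Version]]:
    """Collapse a list to (lowest, highest) listed release per major.minor branch."""
    ranges: Dict[Branch, Tuple[Version, Version]] = {}
    for v in sorted(versions):
        branch = (v[0], v[1])
        lo, hi = ranges.get(branch, (v, v))
        ranges[branch] = (min(lo, v), max(hi, v))
    return ranges


def is_listed_affected(advisory: str, version: str) -> bool:
    """True only if `version` appears verbatim in the advisory's list.

    Absence does not mean fixed: a release may simply be missing from the
    list. Consult the advisory text for the releases that carry the fix.
    """
    return parse_version(version) in parse_affected(ADVISORIES[advisory])


def highest_listed(advisory: str, branch: str) -> str:
    """Highest release of `branch` (e.g. '5.2') that the advisory lists."""
    key = parse_version(branch)[:2]
    _, hi = affected_ranges(parse_affected(ADVISORIES[advisory]))[key]
    return ".".join(map(str, hi))


if __name__ == "__main__":
    for adv, line in ADVISORIES.items():
        for branch, (lo, hi) in sorted(affected_ranges(parse_affected(line)).items()):
            print(adv, "%d.%d" % branch, "listed from",
                  ".".join(map(str, lo)), "to", ".".join(map(str, hi)))
```

The string pitfall is visible in the data itself: `"5.2.15" < "5.2.2"` is true in Python, whereas `parse_version("5.2.15") > parse_version("5.2.2")` is true, so a checker that compares the raw strings would wrongly treat 5.2.15 as older than a patched 5.2.13.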