Fortinet: Vulnerability issues

1 Unauthenticated SSL VPN user password modification

Summary

An Improper Authorization vulnerability in the SSL VPN web portal may allow an unauthenticated attacker to change the password of an SSL VPN web portal user via specially crafted HTTP requests.

Solutions

Upgrade to FortiOS 5.4.11, 5.6.9, 6.0.5, 6.2.0 or above.

Workaround

The only workaround is to migrate SSL VPN user authentication from local to remote (LDAP or RADIUS), or to completely disable the SSL-VPN service (both web-mode and tunnel-mode) by applying the following CLI commands:

config vpn ssl settings
unset source-interface
end

2 System file leak through SSL VPN via specially crafted HTTP resource requests

Summary

A path traversal vulnerability in the FortiOS SSL VPN web portal may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

Solutions

Upgrade to FortiOS 5.6.8, 6.0.5 or 6.2.0.
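As an added example that is not part of the Secutec or Fortinet material, the following Python triages a device inventory against the fixed releases listed for both issues above (5.4.11, 5.6.9, 6.0.5 and 6.2.0 for the password-modification issue; 5.6.8, 6.0.5 and 6.2.0 for the file-leak issue). The advisory labels, hostnames and version strings are constructed. Three rules are assumptions of this example rather than statements from the page: a version in a listed release branch is fixed when it is at or above that branch's listed fix, a branch newer than 6.2 counts as fixed ("or above"), and any other branch with no listed fix is reported as unknown instead of being guessed.

```python
import re

# Fixed releases as listed on the page, keyed by release branch (major, minor).
# The advisory labels are names chosen for this example, not Fortinet identifiers.
ADVISORIES = {
    "ssl-vpn-password-modification": {
        (5, 4): (5, 4, 11), (5, 6): (5, 6, 9), (6, 0): (6, 0, 5), (6, 2): (6, 2, 0),
    },
    "ssl-vpn-system-file-leak": {
        (5, 6): (5, 6, 8), (6, 0): (6, 0, 5), (6, 2): (6, 2, 0),
    },
}


def parse_version(text):
    """Extract (major, minor, patch) from strings such as 'v6.0.4,build0000'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no FortiOS version found in {text!r}")
    return tuple(int(x) for x in m.groups())


def status(version, fixes):
    """Classify one version against one advisory's fixed releases.

    Assumptions: a version in a listed branch is fixed when it is at or above
    that branch's fix; a branch newer than the newest listed one is fixed
    ("or above"); any other unlisted branch is 'unknown' rather than guessed.
    """
    branch = version[:2]
    if branch in fixes:
        return "fixed" if version >= fixes[branch] else "vulnerable"
    if branch > max(fixes):
        return "fixed"
    return "unknown"


def triage(inventory):
    """Map {hostname: version string} to {hostname: {advisory: status}}."""
    report = {}
    for host, text in inventory.items():
        version = parse_version(text)
        report[host] = {name: status(version, fixes) for name, fixes in ADVISORIES.items()}
    return report


def needs_action(report):
    """Hosts that are vulnerable, or cannot be verified, for at least one advisory."""
    return sorted(h for h, r in report.items() if any(s != "fixed" for s in r.values()))


# Constructed inventory: hostnames and version strings are made up for this example.
INVENTORY = {
    "fw-edge-01": "v6.0.4,build0000",
    "fw-edge-02": "v6.0.5,build0000",
    "fw-branch-01": "v5.4.10,build0000",
    "fw-lab-01": "v6.4.0,build0000",
}

if __name__ == "__main__":
    report = triage(INVENTORY)
    for host, result in report.items():
        print(host, result)
    print("needs action:", needs_action(report))
```

Treating an unlisted older branch as "unknown" rather than "fixed" keeps such devices on the action list until their status is confirmed against the vendor advisory, which is the safer default for a triage script.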

Workarounds

As a temporary solution, the only workaround is to completely disable the SSL-VPN service (both web-mode and tunnel-mode) by applying the following CLI commands:

config vpn ssl settings
unset source-interface
end
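Both workarounds above end with the same state: no source interface bound under `config vpn ssl settings`. As an added example that is not Fortinet's or Secutec's code, the following Python checks a FortiOS configuration export for that state, so the workaround can be verified from a config backup rather than by trusting that the commands were run. It assumes the indented `config ... set ... end` layout of a FortiOS configuration export, including nested sub-tables; the two configuration snippets are constructed for this example.

```python
import re
import shlex


def ssl_vpn_settings(config_text):
    """Return the top-level 'set' entries of 'config vpn ssl settings' as
    {key: [values]}, skipping nested sub-tables such as authentication-rule.
    Raises ValueError when the block is absent from the export."""
    settings = {}
    depth = None            # None: outside the block; 0: directly inside it
    for raw in config_text.splitlines():
        line = raw.strip()
        if depth is None:
            if line == "config vpn ssl settings":
                depth = 0
            continue
        if line.startswith("config "):
            depth += 1      # entering a nested sub-table
        elif line == "end":
            if depth == 0:
                return settings
            depth -= 1      # leaving a nested sub-table
        elif depth == 0:
            m = re.match(r"(set|unset)\s+(\S+)\s*(.*)", line)
            if m:
                verb, key, value = m.groups()
                settings[key] = [] if verb == "unset" else shlex.split(value)
    raise ValueError("no 'config vpn ssl settings' block found")


def ssl_vpn_disabled(config_text):
    """True when no source-interface is bound, which is the state that
    'unset source-interface' from the workaround leaves behind."""
    return not ssl_vpn_settings(config_text).get("source-interface")


# Constructed export fragment with the SSL VPN still bound to an interface.
SSL_VPN_BEFORE = """\
config vpn ssl settings
    set servercert "Fortinet_Factory"
    set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1"
    set source-interface "wan1"
    set source-address "all"
    set default-portal "web-access"
    config authentication-rule
        edit 1
            set groups "sslvpn-users"
            set portal "full-access"
        next
    end
end
config vpn ssl web portal
    edit "full-access"
    next
end
"""

# Constructed export fragment after the workaround has been applied.
SSL_VPN_AFTER = """\
config vpn ssl settings
    set servercert "Fortinet_Factory"
    set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1"
    set source-address "all"
    set default-portal "web-access"
end
"""

if __name__ == "__main__":
    for label, text in (("before", SSL_VPN_BEFORE), ("after", SSL_VPN_AFTER)):
        print(label, "SSL VPN disabled:", ssl_vpn_disabled(text))
```

The depth counter matters because `config vpn ssl settings` can contain nested sub-tables that close with their own `end`; stopping at the first `end` would miss any `set source-interface` line that follows a sub-table.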
