Fortinet Products Multiple Vulnerabilities
Release Date:
3 Nov 2022
5688
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.
Impact
- Data Manipulation
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- FortiOS running AV engine version 6.2.168 and below.
- FortiOS running AV engine version 6.4.274 and below.
- FortiMail running AV engine version 6.2.168 and below.
- FortiMail running AV engine version 6.4.274 and below.
- FortiClient running AV engine version 6.2.168 and below.
- FortiClient running AV engine version 6.4.274 and below.
- FortiOS version 7.2.0
- FortiOS version 7.0.0 through 7.0.6
- FortiOS version 6.4.0 through 6.4.9
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://fortiguard.fortinet.com/psirt/FG-IR-22-228
- https://fortiguard.fortinet.com/psirt/FG-IR-22-223
- https://fortiguard.fortinet.com/psirt/FG-IR-22-074
- https://fortiguard.fortinet.com/psirt/FG-IR-22-174
Vulnerability Identifier
Source
Related Link
- https://www.auscert.org.au/bulletins/ESB-2022.5515
- https://www.auscert.org.au/bulletins/ESB-2022.5514
- https://www.auscert.org.au/bulletins/ESB-2022.5504
- https://www.auscert.org.au/bulletins/ESB-2022.5503
- https://fortiguard.fortinet.com/psirt/FG-IR-22-228
- https://fortiguard.fortinet.com/psirt/FG-IR-22-223
- https://fortiguard.fortinet.com/psirt/FG-IR-22-074
- https://fortiguard.fortinet.com/psirt/FG-IR-22-174
Share with