Fortinet Products Multiple Vulnerabilities
Release Date:
17 May 2024
4698
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service, elevation of privilege and security restriction bypass on the targeted system.
Impact
- Security Restriction Bypass
- Remote Code Execution
- Elevation of Privilege
- Denial of Service
System / Technologies affected
- FortiOS version 7.4.0 through 7.4.1
- FortiOS version 7.2.0 through 7.2.7
- FortiOS version 7.0.0 through 7.0.12
- FortiOS 6.4 all versions
- FortiOS 6.2 all versions
- FortiOS version 6.0.0 through 6.0.16
- FortiWeb version 7.4.0 through 7.4.2
- FortiWeb version 7.2.0 through 7.2.7
- FortiWeb 7.0 all versions
- FortiWeb 6.4 all versions
- FortiWeb 6.3 all versions
- FortiNAC version 9.4.0 through 9.4.4
- FortiNAC 9.2 all versions
- FortiNAC 9.1 all versions
- FortiNAC 8.8 all versions
- FortiNAC 8.7 all versions
- FortiNAC version 7.2.0 through 7.2.3
- FortiProxy version 7.4.0 through 7.4.1
- FortiProxy version 7.2.0 through 7.2.7
- FortiProxy version 7.0.0 through 7.0.13
- FortiProxy 2.0 all versions
- FortiProxy 1.2 all versions
- FortiProxy 1.1 all versions
- FortiProxy 1.0 all versions
- FortiWebManager version 7.2.0
- FortiWebManager version 7.0.0 through 7.0.4
- FortiWebManager version 6.3.0
- FortiWebManager version 6.2.3 through 6.2.4
- FortiWebManager version 6.0.2
- FortiAuthenticator version 6.6.0
- FortiAuthenticator version 6.5.0 through 6.5.3
- FortiAuthenticator 6.4 all versions
- FortiSwitchManager version 7.2.0 through 7.2.2
- FortiSwitchManager version 7.0.0 through 7.0.2
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://fortiguard.fortinet.com/psirt/FG-IR-23-137
- https://fortiguard.fortinet.com/psirt/FG-IR-23-191
- https://fortiguard.fortinet.com/psirt/FG-IR-23-195
- https://fortiguard.fortinet.com/psirt/FG-IR-23-222
- https://fortiguard.fortinet.com/psirt/FG-IR-23-225
- https://fortiguard.fortinet.com/psirt/FG-IR-23-415
- https://fortiguard.fortinet.com/psirt/FG-IR-23-465
- https://fortiguard.fortinet.com/psirt/FG-IR-23-474
- https://fortiguard.fortinet.com/psirt/FG-IR-24-017
- https://fortiguard.fortinet.com/psirt/FG-IR-24-040
Vulnerability Identifier
- CVE-2023-36640
- CVE-2023-44247
- CVE-2023-45583
- CVE-2023-45586
- CVE-2023-46714
- CVE-2024-23107
- CVE-2024-23664
- CVE-2024-23665
- CVE-2024-23667
- CVE-2024-23668
- CVE-2024-23669
- CVE-2024-23670
- CVE-2024-26007
- CVE-2024-31488
Source
Related Link
- https://fortiguard.fortinet.com/psirt/FG-IR-23-137
- https://fortiguard.fortinet.com/psirt/FG-IR-23-191
- https://fortiguard.fortinet.com/psirt/FG-IR-23-195
- https://fortiguard.fortinet.com/psirt/FG-IR-23-222
- https://fortiguard.fortinet.com/psirt/FG-IR-23-225
- https://fortiguard.fortinet.com/psirt/FG-IR-23-415
- https://fortiguard.fortinet.com/psirt/FG-IR-23-465
- https://fortiguard.fortinet.com/psirt/FG-IR-23-474
- https://fortiguard.fortinet.com/psirt/FG-IR-24-017
- https://fortiguard.fortinet.com/psirt/FG-IR-24-040
Related Tags
Share with