Fortinet Products Multiple Vulnerabilities

Release Date: 20 Feb 2023 4239 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, denial of service, information disclosure, cross-site scripting and elevation of privilege on the targeted system.

Impact

Security Restriction Bypass
Denial of Service
Information Disclosure
Cross-Site Scripting
Elevation of Privilege

System / Technologies affected

FortiAuthenticator 5.5 all versions
FortiAuthenticator version 6.0.0 through 6.0.4
FortiAuthenticator version 6.1.0
FortiOS 6.0 all versions
FortiOS 6.2 all versions
FortiOS 6.4 all versions
FortiOS version 6.0.0 through 6.0.13
FortiOS version 6.2.0 through 6.2.12
FortiOS version 6.2.0 through 6.2.9
FortiOS version 6.4.0 through 6.4.1
FortiOS version 6.4.0 through 6.4.10
FortiOS version 7.0.0 through 7.0.7
FortiOS version 7.0.0 through 7.0.8
FortiOS version 7.2.0
FortiOS version 7.2.0 through 7.2.2
FortiOS version 7.2.0 through 7.2.3
FortiOS versions 6.4.8 and below
FortiOS versions 7.0.3 and below
FortiProxy 1.0 all versions
FortiProxy 1.1 all versions
FortiProxy 1.2 all versions
FortiProxy 2.0 all versions
FortiProxy version 2.0.0 through 2.0.10
FortiProxy version 7.0.0 through 7.0.6
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 7.2.0 through 7.2.1
FortiProxy versions 2.0.7 and below
FortiProxy versions 7.0.1 and below
FortiSwitch 6.0 all versions
FortiSwitch 6.2 all versions
FortiSwitch versions 6.4.10 and below
FortiSwitch versions 7.0.3 and below
FortiSwitchManager version 7.0.0
FortiSwitchManager version 7.2.0
FortiWeb 6.0 all versions
FortiWeb 6.1 all versions
FortiWeb 6.2 all versions
FortiWeb 6.4 all versions
FortiWeb versions 6.3.16 and below

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Fortinet