PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

On FortiAuthenticator, a HTML page is returned to the user when the CSRF validation fails on referer mismatch. This page d...

May 29, 2018 Severity black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon Low IR Number: FG-IR-18-059 CVE-2018-9186
A SSL VPN user logged in via the web portal can access internal FortiOS configuration information (eg: addresses) via spec...

FortiOS 5.6.2, 5.6.1, 5.6.0, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.1, 5.2.0
May 18, 2018 Severity black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon Informational IR Number: FG-IR-17-231 CVE-2017-14185