PSIRT Advisories

Monthly PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.  

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

An improper neutralization of input vulnerability in FortiWeb may allow a remote authenticated attacker to perform a store...

FortiWeb 6.3.0, 6.2.2, 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.9.2, 5.9.1, 5.9.0
Mar 09, 2020 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-20-001 CVE-2020-6646
An improper neutralization of input vulnerability in the Anomaly Detection interface of FortiWeb may allow a remote unauth...

FortiWeb 6.2.1, 6.2.0, 6.1.1
Mar 09, 2020 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-19-265 CVE-2019-16156
The URL part of the report message is not encoded in Fortinet FortiWeb which may allow an attacker to execute unauthorized...

FortiWeb 6.0.2
Jun 12, 2019 Severity light-circle-logo light-circle-logo light-circle-logo light-circle-logo light-circle-logo Medium IR Number: FG-IR-19-070 CVE-2019-5590