The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of FGT

computer vulnerability alert CVE-2017-5705 CVE-2017-5706 CVE-2017-5707

Intel ME: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Intel ME.
Impacted products: FortiGate, SIMATIC.
Severity: 2/4.
Consequences: administrator access/rights, user access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 8.
Creation date: 05/01/2018.
Identifiers: CVE-2017-5705, CVE-2017-5706, CVE-2017-5707, CVE-2017-5708, CVE-2017-5709, CVE-2017-5710, CVE-2017-5711, CVE-2017-5712, FG-IR-17-271, SSA-892715, VIGILANCE-VUL-24956.

Description of the vulnerability

An attacker can use several vulnerabilities of Intel ME.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-5754

Intel Processors: memory reading via Meltdown

Synthesis of the vulnerability

When the system uses an Intel processor, a local attacker can access to the kernel memory, in order to read sensitive information.
Impacted products: SNS, iOS by Apple, iPhone, Mac OS X, Blue Coat CAS, Cisco ASR, Cisco Catalyst, Nexus by Cisco, NX-OS, Cisco Router, Cisco UCS, XenServer, Debian, Avamar, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, Android OS, AIX, IBM i, QRadar SIEM, Juniper J-Series, Junos OS, Junos Space, NSMXpress, Linux, McAfee Email Gateway, McAfee NSM, McAfee NTBA, McAfee Web Gateway, Meinberg NTP Server, Edge, IE, SQL Server, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, OpenBSD, openSUSE Leap, Oracle Communications, pfSense, RealPresence Collaboration Server, RealPresence Distributed Media Application, RealPresence Resource Manager, RHEL, SIMATIC, Slackware, Sonus SBC, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive, vCenter Server, Xen.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 03/01/2018.
Revision date: 05/01/2018.
Identifiers: 2016636, 519675, ADV180002, CERTFR-2018-ALE-001, CERTFR-2018-AVI-004, CERTFR-2018-AVI-005, CERTFR-2018-AVI-009, CERTFR-2018-AVI-012, CERTFR-2018-AVI-014, CERTFR-2018-AVI-017, CERTFR-2018-AVI-018, CERTFR-2018-AVI-029, CERTFR-2018-AVI-048, CERTFR-2018-AVI-049, CERTFR-2018-AVI-077, CERTFR-2018-AVI-079, CERTFR-2018-AVI-114, CERTFR-2018-AVI-124, CERTFR-2018-AVI-134, CERTFR-2018-AVI-208, CERTFR-2018-AVI-225, cisco-sa-20180104-cpusidechannel, cpuapr2019, CTX231390, CTX231399, CTX234679, CVE-2017-5754, DLA-1232-1, DLA-1349-1, DSA-2018-049, DSA-4078-1, DSA-4082-1, DSA-4120-1, DSA-4120-2, DSA-4179-1, FG-IR-18-002, FreeBSD-SA-18:03.speculative_execution, HT208331, HT208334, HT208394, HT208465, JSA10842, JSA10873, K91229003, MBGSA-1801, Meltdown, N1022433, nas8N1022433, openSUSE-SU-2018:0022-1, openSUSE-SU-2018:0023-1, openSUSE-SU-2018:0326-1, openSUSE-SU-2018:0459-1, openSUSE-SU-2018:1623-1, RHSA-2018:0007-01, RHSA-2018:0008-01, RHSA-2018:0009-01, RHSA-2018:0010-01, RHSA-2018:0011-01, RHSA-2018:0012-01, RHSA-2018:0013-01, RHSA-2018:0014-01, RHSA-2018:0015-01, RHSA-2018:0016-01, RHSA-2018:0017-01, RHSA-2018:0018-01, RHSA-2018:0020-01, RHSA-2018:0021-01, RHSA-2018:0022-01, RHSA-2018:0023-01, RHSA-2018:0024-01, RHSA-2018:0025-01, RHSA-2018:0026-01, RHSA-2018:0027-01, RHSA-2018:0028-01, RHSA-2018:0029-01, RHSA-2018:0030-01, RHSA-2018:0031-01, RHSA-2018:0032-01, RHSA-2018:0034-01, RHSA-2018:0035-01, RHSA-2018:0036-01, RHSA-2018:0037-01, RHSA-2018:0038-01, RHSA-2018:0039-01, RHSA-2018:0040-01, RHSA-2018:0053-01, RHSA-2018:0093-01, RHSA-2018:0094-01, RHSA-2018:0103-01, RHSA-2018:0104-01, RHSA-2018:0105-01, RHSA-2018:0106-01, RHSA-2018:0107-01, RHSA-2018:0108-01, RHSA-2018:0109-01, RHSA-2018:0110-01, RHSA-2018:0111-01, RHSA-2018:0112-01, RHSA-2018:0182-01, RHSA-2018:0292-01, RHSA-2018:0464-01, RHSA-2018:0496-01, RHSA-2018:0512-01, RHSA-2018:1129-01, RHSA-2018:1196-01, SA161, SB10226, spectre_meltdown_advisory, SSA-168644, SSA:2018-016-01, SSA:2018-037-01, STORM-2018-001, SUSE-SU-2018:0010-1, SUSE-SU-2018:0011-1, SUSE-SU-2018:0012-1, SUSE-SU-2018:0031-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0069-1, SUSE-SU-2018:0115-1, SUSE-SU-2018:0131-1, SUSE-SU-2018:0171-1, SUSE-SU-2018:0219-1, SUSE-SU-2018:0438-1, SUSE-SU-2018:0472-1, SUSE-SU-2018:0601-1, SUSE-SU-2018:0609-1, SUSE-SU-2018:0638-1, SUSE-SU-2018:0678-1, SUSE-SU-2018:0909-1, SUSE-SU-2018:1603-1, SUSE-SU-2018:1658-1, SUSE-SU-2018:1699-1, SUSE-SU-2018:2528-1, Synology-SA-18:01, USN-3516-1, USN-3522-1, USN-3522-2, USN-3522-3, USN-3522-4, USN-3523-1, USN-3523-2, USN-3523-3, USN-3524-1, USN-3524-2, USN-3525-1, USN-3540-1, USN-3540-2, USN-3541-1, USN-3541-2, USN-3583-1, USN-3583-2, USN-3597-1, USN-3597-2, VIGILANCE-VUL-24933, VMSA-2018-0007, VN-2018-001, VN-2018-002, VU#584653, XSA-254.

Description of the vulnerability

When the system uses an Intel processor, a local attacker can access to the kernel memory, in order to read sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-7738

FortiOS: information disclosure via fnsysctl

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via fnsysctl of FortiOS, in order to obtain sensitive information.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 1/4.
Consequences: data reading.
Provenance: privileged account.
Creation date: 11/12/2017.
Identifiers: CERTFR-2017-AVI-459, CVE-2017-7738, FG-IR-17-172, VIGILANCE-VUL-24729.

Description of the vulnerability

An attacker can bypass access restrictions to data via fnsysctl of FortiOS, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-14186

FortiGate: Cross Site Scripting via SSL VPN Web Portal

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via SSL VPN Web Portal of FortiGate, in order to run JavaScript code in the context of the web site.
Impacted products: FortiGate, FortiOS.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 24/11/2017.
Identifiers: CERTFR-2017-AVI-429, CVE-2017-14186, FG-IR-17-242, VIGILANCE-VUL-24526.

Description of the vulnerability

The FortiGate product offers a web service.

However, it does not filter received data via SSL VPN Web Portal before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via SSL VPN Web Portal of FortiGate, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-7739

FortiOS: Cross Site Scripting via Web Proxy Disclaimer

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via Web Proxy Disclaimer of FortiOS, in order to run JavaScript code in the context of the web site.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 06/11/2017.
Identifiers: CERTFR-2017-AVI-392, CVE-2017-7739, FG-IR-17-168, VIGILANCE-VUL-24351.

Description of the vulnerability

The FortiOS product offers a web service.

However, it does not filter received data via Web Proxy Disclaimer before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via Web Proxy Disclaimer of FortiOS, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-7733

FortiOS: Cross Site Scripting via Login Disclaimer

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via Login Disclaimer of FortiOS, in order to run JavaScript code in the context of the web site.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 25/10/2017.
Identifiers: CVE-2017-7733, FG-IR-17-113, VIGILANCE-VUL-24233.

Description of the vulnerability

The FortiOS product offers a web service.

However, it does not filter received data via Login Disclaimer before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via Login Disclaimer of FortiOS, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-14182

FortiOS: denial of service via "params" Parameter

Synthesis of the vulnerability

An attacker can generate a fatal error via "params" Parameter of FortiOS, in order to trigger a denial of service.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 25/10/2017.
Identifiers: CVE-2017-14182, FG-IR-17-206, VIGILANCE-VUL-24232.

Description of the vulnerability

An attacker can generate a fatal error via "params" Parameter of FortiOS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-13077 CVE-2017-13078 CVE-2017-13079

WPA2: information disclosure via Key Reinstallation Attacks

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Key Reinstallation Attacks of WPA2, in order to obtain sensitive information.
Impacted products: SNS, iOS by Apple, iPhone, Mac OS X, ArubaOS, Cisco Aironet, Cisco AnyConnect Secure Mobility Client, ASA, Meraki MR***, Cisco IP Phone, Cisco Wireless IP Phone, Debian, Fedora, FortiGate, FortiOS, FreeBSD, Android OS, Junos OS, SSG, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, NetBSD, NetScreen Firewall, ScreenOS, OpenBSD, openSUSE Leap, pfSense, 802.11 protocol, RHEL, RuggedSwitch, SIMATIC, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 3/4.
Consequences: data reading.
Provenance: radio connection.
Number of vulnerabilities in this bulletin: 10.
Creation date: 16/10/2017.
Identifiers: ARUBA-PSA-2017-007, CERTFR-2017-ALE-014, CERTFR-2017-AVI-357, CERTFR-2017-AVI-358, CERTFR-2017-AVI-359, CERTFR-2017-AVI-360, CERTFR-2017-AVI-361, CERTFR-2017-AVI-363, CERTFR-2017-AVI-373, CERTFR-2017-AVI-379, CERTFR-2017-AVI-383, CERTFR-2017-AVI-390, CERTFR-2017-AVI-441, CERTFR-2017-AVI-478, CERTFR-2018-AVI-014, CERTFR-2018-AVI-048, cisco-sa-20171016-wpa, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088, DLA-1150-1, DLA-1200-1, DLA-1573-1, DSA-3999-1, FEDORA-2017-12e76e8364, FEDORA-2017-45044b6b33, FEDORA-2017-60bfb576b7, FEDORA-2017-cfb950d8f4, FEDORA-2017-fc21e3856b, FG-IR-17-196, FreeBSD-SA-17:07.wpa, HT208221, HT208222, HT208334, HT208394, JSA10827, K-511282, KRACK Attacks, openSUSE-SU-2017:2755-1, openSUSE-SU-2017:2846-1, openSUSE-SU-2017:2896-1, openSUSE-SU-2017:2905-1, openSUSE-SU-2017:3144-1, RHSA-2017:2907-01, RHSA-2017:2911-01, SSA:2017-291-02, SSA-418456, SSA-901333, STORM-2017-005, SUSE-SU-2017:2745-1, SUSE-SU-2017:2752-1, SUSE-SU-2017:2847-1, SUSE-SU-2017:2869-1, SUSE-SU-2017:2908-1, SUSE-SU-2017:2920-1, SUSE-SU-2017:3106-1, SUSE-SU-2017:3165-1, SUSE-SU-2017:3265-1, SUSE-SU-2017:3267-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0171-1, Synology-SA-17:60, Synology-SA-17:60 KRACK, USN-3455-1, USN-3505-1, VIGILANCE-VUL-24144, VU#228519.

Description of the vulnerability

An attacker can bypass access restrictions to data via Key Reinstallation Attacks of WPA2, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-3130

FortiOS: information disclosure via IKE Vendor ID

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via IKE Vendor ID of FortiOS, in order to obtain sensitive information.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 1/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 09/08/2017.
Identifiers: CERTFR-2017-AVI-253, CVE-2017-3130, FG-IR-17-073, VIGILANCE-VUL-23483.

Description of the vulnerability

An attacker can bypass access restrictions to data via IKE Vendor ID of FortiOS, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 23482

FortiOS: security improvement via SMBv1 Support Disabled

Synthesis of the vulnerability

The security of FortiOS was improved via SMBv1 Support Disabled.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 1/4.
Consequences: no consequence.
Provenance: internet client.
Creation date: 09/08/2017.
Identifiers: CERTFR-2017-AVI-253, FG-IR-17-103, VIGILANCE-VUL-23482.

Description of the vulnerability

This bulletin is about a security improvement.

It does not describe a vulnerability.

The security of FortiOS was therefore improved via SMBv1 Support Disabled.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about FGT: