Fortinet, bazı ürünlerinde orta, bazı ürünlerinde ise yüksek seviyede bulgu saptadıklarını, müşterilerinin yama yapmalarının önem arz ettiğini bildiren bir uyarı yayımladı.
Fortigate 1 Adet, Fortiweb 4 adet, FortiDeceptor 1 adet bulgu yayımlandı.
Link: https://www.fortiguard.com/psirt?date=01-2021
Aşağıda listeyi bulabilirsiniz;
Ürün: Fortigate
CVE: CVE-2020-29010
Summary
An exposure of sensitive information to an unauthorized actor vulnerability in FortiGate may allow a remote authenticated attacker to read the SSL VPN events log entries of users in other VDOMs by executing “get vpn ssl monitor” from the CLI. The sensitive data includes usernames, user groups, and IP addresses.
Affected Products
FortiGate versions 6.0.10 and below.
FortiGate versions 6.2.4 and below.
FortiGate versions 6.4.1 and below.
Solutions
Please upgrade to FortiGate version 6.0.11 or above.
Please upgrade to FortiGate version 6.2.5 or above.
Please upgrade to FortiGate version 6.4.2 or above.
Ürün: FortiWeb
CVE: CVE-2020-29015
FortiWeb is vulnerable to a blind SQL injection
Summary
A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement.
Affected Products
FortiWeb versions 6.3.7 and below.
FortiWeb versions 6.2.3 and below.
Solutions
Please upgrade to FortiWeb versions 6.3.8 or above.
Please upgrade to FortiWeb versions 6.2.4 or above.
CVE: CVE-2020-29016
Stack-Based Buffer Overflow vulnerability in FortiWeb
Summary
A stack-based buffer overflow vulnerability in FortiWeb may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname.
Impact
Execute unauthorized code or commands
Affected Products
FortiWeb versions 6.3.5 and below.
FortiWeb versions 6.2.3 and below.
Solutions
Please upgrade to FortiWeb versions 6.3.6 or above.
Please upgrade to FortiWeb versions 6.2.4 or above.
CVE: CVE-2020-29019
FortiWeb is vulnerable to a buffer overflow.
Summary
A stack-based buffer overflow vulnerability in FortiWeb may allow a remote, authenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.
Impact
Denial of service
Affected Products
FortiWeb versions 6.3.7 and below.
FortiWeb versions 6.2.3 and below.
Solutions
Please upgrade to FortiWeb versions 6.3.8 or above.
Please upgrade to FortiWeb versions 6.2.4 or above.
CVE: CVE-2020-29018
FortiWeb is vulnerable to a Format string vulnerability
Summary
A format string vulnerability in FortiWeb may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.
Impact
Execute unauthorized code or commands
Affected Products
FortiWeb versions 6.3.5 and below.
Solutions
Please upgrade to FortiWeb versions 6.3.6 or above.
Ürün: FortiDeceptor
CVE: CVE-2020-29017
FortiDeceptor is impacted by an OS command injection vulnerability
Summary
An OS command injection vulnerability in FortiDeceptor may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.
Impact
Execute unauthorized code or commands
Affected Products
FortiDeceptor versions 3.1.0 and below.
FortiDeceptor versions 3.0.1 and below.
Solutions
Please upgrade to FortiDeceptor versions 3.2.0 or above.
Please upgrade to FortiDeceptor versions 3.1.1 or above.
Please upgrade to FortiDeceptor versions 3.0.2 or above.