SSL VPN Web Portal user credentials may be leaked to super_admins
Summary
An admin user with super_admin privileges (i.e. with a super_admin profile) may view the current SSL VPN web portal session info using the fnsysctl CLI command. This info includes user credentials.
Affected Products
FortiOS 5.6 branch: 5.6.0 to 5.6.2
FortiOS 5.4 branch: 5.4.0 to 5.4.5
FortiOS 5.2 and earlier versions
Solutions
Upgrade to FortiOS 5.4.6 or 5.6.3
Acknowledgement
Fortinet is pleased to thank Jean-Noel Meurisse, Solvay S.A. for reporting this vulnerability under responsible disclosure.