PSIRT Advisory

Firewall information leak to regular SSL VPN web portal users

Summary

An SSL VPN user logged in via the web portal can access internal FortiOS configuration information (e.g. addresses) via specially crafted URLs.

Impact

Information Disclosure

Affected Products

FortiOS 5.6.0 to 5.6.2
FortiOS 5.4.0 to 5.4.8
FortiOS 5.2 branch all versions

Solutions

Upgrade to FortiOS 5.6.3 or 5.4.9 or newer versions.

Acknowledgement

Fortinet is pleased to thank Fox-IT (https://www.fox-it.com) for reporting this vulnerability under responsible disclosure.