Application control block page leaks private IP and hostname
Summary
The default replacement message in FortiOS' Application control block page reveals the private IP as well as the hostname of the FortiGate.
Affected Products
FortiOS 5.6.5, 6.0.1 and below.
Solutions
Upgrade to FortiOS 5.6.6, 6.0.2 or later
Work around:
All the replacement messages are configurable by the administrators. The default replacement messages are just templates. An administrator can easily change them to suit their needs. For example, remove the server/client IPs and FortiOS host names.
Acknowledgement
Fortinet is pleased to thank Anandraj Amaran Security Researcher,22by7 solutions (22by7.in)Â and Mark Oakton at Infosec Partners for reporting this vulnerability under responsible disclosure.