Summary
Failure to sanitize input in the SSL VPN web portal may allow an attacker to perform a reflected Cross-site Scripting (XSS) attack via multiple parameters of the error page HTTP request.
Affected Products
CVE-2019-5586
FortiOS 6.0.0 to 6.0.4
FortiOS 5.2.0 to 5.6.10
CVE-2019-5588
FortiOS 6.0.0 to 6.0.4
Solutions
Upgrade to FortiOS 5.6.11, 6.0.5 or 6.2.0
Workarounds:
Disable the SSL-VPN service by applying the following CLI commands. Note that unsetting the source interface stops SSL-VPN from listening on any interface, so this removes tunnel-mode access as well as the web portal:
config vpn ssl settings
    unset source-interface
end
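As an added helper, not part of the Fortinet advisory, the following Python script parses a FortiOS version string, checks it against the affected ranges exactly as listed under "Affected Products" above, and names the lowest fixed release from "Solutions" that is not a downgrade. Two things are my assumptions rather than statements of the advisory: the "v6.0.4,build0231,190107 (GA)" style of version string it accepts (modelled on the output of `get system status`), and the rule of recommending the nearest fixed release on or above the running version, since the advisory lists the three fixed releases without mapping them to branches.

```python
"""Check a FortiOS version against the ranges in this advisory (added example)."""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges as listed on the advisory, inclusive on both ends.
AFFECTED: Dict[str, List[Tuple[Version, Version]]] = {
    "CVE-2019-5586": [((6, 0, 0), (6, 0, 4)), ((5, 2, 0), (5, 6, 10))],
    "CVE-2019-5588": [((6, 0, 0), (6, 0, 4))],
}

# Fixed releases named under "Solutions".
FIXED: List[Version] = [(5, 6, 11), (6, 0, 5), (6, 2, 0)]

_VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Extract major.minor.patch from a bare version such as "6.0.4" or from a
    longer string such as "v6.0.4,build0231,190107 (GA)". The build/date
    suffix format is an assumption about CLI output, not taken from the advisory."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no FortiOS version found in {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def affected_cves(version: Version) -> List[str]:
    """Return the CVEs whose listed ranges contain this version (tuple
    comparison is lexicographic, so (5, 4, 9) sits inside 5.2.0 .. 5.6.10)."""
    return [cve for cve, ranges in AFFECTED.items()
            if any(lo <= version <= hi for lo, hi in ranges)]


def upgrade_target(version: Version) -> Optional[Version]:
    """Lowest fixed release that is not a downgrade from the running version.
    Assumption: picking the nearest fixed release on or above the current one;
    the advisory lists the fixed releases but does not map them to branches."""
    candidates = [v for v in sorted(FIXED) if v >= version]
    return candidates[0] if candidates else None


def fmt(version: Version) -> str:
    return ".".join(str(part) for part in version)


def assess(text: str) -> Dict[str, object]:
    """Full verdict for one version string: affected CVEs, upgrade target and,
    while unpatched, the advisory's workaround of disabling SSL-VPN."""
    version = parse_version(text)
    cves = affected_cves(version)
    target = upgrade_target(version) if cves else None
    return {
        "version": fmt(version),
        "affected": cves,
        "upgrade_to": fmt(target) if target else None,
        "workaround": ("config vpn ssl settings / unset source-interface / end"
                       if cves else None),
    }


if __name__ == "__main__":
    # Constructed sample inputs; the build and date fields are made up.
    for sample in ["v6.0.4,build0231,190107 (GA)", "5.6.10", "5.6.11", "5.4.9", "6.2.0"]:
        print(assess(sample))
```

Run it against the version string from each FortiGate's `get system status` output to decide which units still need the workaround applied until they can be upgraded.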
Revision History:
05-24-2019 Initial version
08-21-2019 Added the 5.6 branch fix for CVE-2019-5586
Acknowledgement
Fortinet is pleased to thank Aaron Hall from Verizon Media Group (Oath) for reporting CVE-2019-5586, and Nathan HARDY, Cybersecurity Engineer/Consultant at Sogeti Luxembourg, for reporting CVE-2019-5588, under responsible disclosure.