Improper validation of dispatcher socket parameters
Summary
A server-side request forgery (SSRF) vulnerability (CWE-918) in the FortiManager and FortiAnalyzer GUI may allow a remote, authenticated attacker to access unauthorized files and services on the system via specifically crafted web requests.
Affected Products
FortiManager versions 7.0.0
FortiManager versions 6.4.5 and below.
FortiManager versions 6.2.7 and below.
FortiManager versions 6.0.x
FortiManager versions 5.6.x
FortiAnalyzer versions 7.0.0
FortiAnalyzer versions 6.4.5 and below.
FortiAnalyzer versions 6.2.7 and below.
FortiAnalyzer versions 6.0.x
FortiAnalyzer versions 5.6.x
Solutions
Please upgrade to FortiManager 7.0.1 or above.
Please upgrade to FortiManager 6.4.6 or above.
Please upgrade to FortiManager 6.2.8 or above.
Please upgrade to FortiAnalyzer 7.0.1 or above.
Please upgrade to FortiAnalyzer 6.4.6 or above.
Please upgrade to FortiAnalyzer 6.2.8 or above.
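A version-triage helper for the affected and fixed releases listed above. This is an added example for inventory checks, not Fortinet code, and encodes only what this advisory states: 7.0.0, 6.4.5 and below, and 6.2.7 and below are affected with fixes in 7.0.1, 6.4.6 and 6.2.8 respectively; 6.0.x and 5.6.x are listed as affected with no fixed release given here. Release branches the advisory does not mention are treated as not affected by this advisory, which is an assumption, not a statement from Fortinet. The sample inventory in the block is constructed.

```python
"""Triage FortiManager / FortiAnalyzer versions against this advisory.

Added example, not Fortinet code. Ranges are taken from the advisory text;
branches the advisory does not list are treated as not affected (assumption).
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# (major, minor) -> (highest affected patch level, or None for the whole branch,
#                    fixed release, or None if the advisory lists no fix)
AFFECTED_BRANCHES: Dict[Tuple[int, int], Tuple[Optional[int], Optional[Version]]] = {
    (7, 0): (0, (7, 0, 1)),   # 7.0.0 affected, fixed in 7.0.1
    (6, 4): (5, (6, 4, 6)),   # 6.4.5 and below, fixed in 6.4.6
    (6, 2): (7, (6, 2, 8)),   # 6.2.7 and below, fixed in 6.2.8
    (6, 0): (None, None),     # 6.0.x affected, no fix listed in this advisory
    (5, 6): (None, None),     # 5.6.x affected, no fix listed in this advisory
}

# Accepts "7.0.0", "v6.4.5", and build-suffixed strings such as "v6.4.5-build2288".
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:\D.*)?$")


def parse_version(text: str) -> Version:
    """Parse a Fortinet-style version string into a (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the version lies in an affected range of this advisory."""
    major, minor, patch = parse_version(version)
    branch = AFFECTED_BRANCHES.get((major, minor))
    if branch is None:
        return False  # branch not mentioned by the advisory (assumption: not affected)
    max_affected, _fixed = branch
    if max_affected is None:
        return True   # whole branch listed as affected (6.0.x, 5.6.x)
    return patch <= max_affected


def fixed_version(version: str) -> Optional[str]:
    """Release to upgrade to, or None if not affected or no fix is listed."""
    if not is_affected(version):
        return None
    major, minor, _ = parse_version(version)
    _, fixed = AFFECTED_BRANCHES[(major, minor)]
    return ".".join(str(x) for x in fixed) if fixed else None


def triage_inventory(inventory: List[Tuple[str, str]]) -> List[Dict[str, Optional[str]]]:
    """Return one finding per (product, version) pair, with the upgrade target."""
    findings = []
    for product, version in inventory:
        affected = is_affected(version)
        fix = fixed_version(version)
        if not affected:
            action = "not affected by this advisory"
        elif fix:
            action = f"upgrade to {product} {fix} or above"
        else:
            action = "affected; no fixed release listed in this advisory"
        findings.append({"product": product, "version": version,
                         "affected": "yes" if affected else "no", "action": action})
    return findings


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [
        ("FortiManager", "v7.0.0-build0010"),
        ("FortiManager", "7.0.1"),
        ("FortiAnalyzer", "6.4.5"),
        ("FortiAnalyzer", "6.0.11"),
        ("FortiManager", "7.2.0"),
    ]
    for f in triage_inventory(sample):
        print(f"{f['product']:14} {f['version']:18} affected={f['affected']:3} {f['action']}")
```

The check deliberately compares only the three numeric fields: a build suffix such as `-build2288` is ignored, which matches how the advisory expresses its ranges.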
Acknowledgement
Fortinet is pleased to thank Clément Amic, Pierre Milioni and Adrien Peter from Synacktiv for reporting this vulnerability under responsible disclosure.
Timeline
2021-08-03: Initial publication