Format string vulnerability in administrative interface

Summary

An externally-controlled format string vulnerability [CWE-134] in FortiManager, FortiAnalyzer, FortiAnalyzer-BigData and FortiPortal may allow a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.

Affected Products

FortiPortal 7.2 all versions are not affected
FortiPortal 7.0 all versions are not affected
FortiPortal version 6.0.0 through 6.0.14
FortiPortal 5.3 all versions
FortiManager version 7.4.0 through 7.4.1
FortiManager version 7.2.0 through 7.2.3
FortiManager version 7.0.0 through 7.0.9
FortiManager 6.4 all versions
FortiManager 6.2 all versions
FortiAnalyzer-BigData 7.4 all versions are not affected
FortiAnalyzer-BigData version 7.2.0 through 7.2.5
FortiAnalyzer-BigData 7.0 all versions
FortiAnalyzer-BigData 6.4 all versions
FortiAnalyzer-BigData 6.2 all versions
FortiAnalyzer version 7.4.0 through 7.4.1
FortiAnalyzer version 7.2.0 through 7.2.3
FortiAnalyzer version 7.0.0 through 7.0.9
FortiAnalyzer 6.4 all versions
FortiAnalyzer 6.2 all versions

Solutions

Please upgrade to FortiPortal version 6.0.15 or above
Please upgrade to FortiAnalyzer-BigData version 7.4.0 or above
Please upgrade to FortiAnalyzer-BigData version 7.2.6 or above
Please upgrade to FortiManager version 7.4.2 or above
Please upgrade to FortiManager version 7.2.4 or above
Please upgrade to FortiManager version 7.0.10 or above
Please upgrade to FortiAnalyzer version 7.4.2 or above
Please upgrade to FortiAnalyzer version 7.2.4 or above
Please upgrade to FortiAnalyzer version 7.0.10 or above

Acknowledgement

Internally discovered and reported by Diego Bernardelli from Fortinet's advanced TAC support team.

Timeline

2024-03-07: Initial publication