Technical Tip: How to clear vulnerability prompt on a managed FortiGate
Description
This article describes how to clear the vulnerability prompt (and make it reappear) when logging into FortiGate, using FortiManager.
Scope
FortiManager, FortiGate.
Solution
When there are critical vulnerabilities on FortiGate, a vulnerability prompt is displayed when logging into FortiGate.

Note: The warning prompt is part of the security rating. It is recommended to follow the instructions in the prompt and upgrade the vulnerable device.
The button 'Skip upgrade & I understand the risk' skips the warning one time only. To stop the prompt from appearing again, it can be cleared on the FortiGate as described in 'Upgrade prompt when a critical vulnerability is detected upon login'.
To clear the prompt using FortiManager, go to Device Manager -> Scripts -> Create new, set the 'Run on' option to 'Remote FortiGate Directly (via CLI)', and use the following command:
diagnose report-runner vuln-clean
Run the script on the FortiGate(s). Upon the next FortiGate login, the message will not be displayed.
The following command can be used to get the warning prompt to display again:
diagnose report-runner trigger security-rating-reports