SunatP
New Member
April 3, 2025
Question

CVE-2021-3712 found on FortiSIEM Linux Agent


Hi guys,

 

TL;DR: I have found CVE-2021-3712 in this file: /opt/fortinet/fortisiem/linux-agent/lib64/libcrypto.so.1.1.1k

I need to do some patching or a workaround that resolves this CVE. (This is the CVE that I've found.)

I have a doubt: can the FortiSIEM Linux Agent be installed at a higher version than the Collector?

For example, I have Collector version 7.1.7 and I would like to install a higher Agent version. Would that be possible?

 

Regards,

    2 replies

    aebadi
    Staff
    April 3, 2025

    Hello, here is the Compatibility Matrix: Linux agent 5.3.0 - 7.1.7
    FortiSIEM Version Compatibility for Rocky Linux Based Releases | FortiSIEM 7.1.7 | Fortinet Document Library

    RHEL/ROCKY backpatch has CVE-2021-3712 already patched
    >>>>>> so vulnerability is false positive here. <<<<<<<<
    # rpm -q --changelog openssl-1.1.1k-12.el8_9.x86_64 | grep -i 3712
    - Fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings

    SunatP
    Author
    New Member
    April 8, 2025

    Hi,

    I have seen only openssl-1.1.1k on the lib. How can I make sure that it is patched as openssl-1.1.1k-12?

    SunatP
    Author
    New Member
    April 8, 2025

    Hi,

    Another question: as far as I know, openssl-1.1.1k-12.el8_9.x86_64 is as below:

    - Package Version 1.1.1k

    - Package Release 12.el8_9

    but after installing, why do I only see openssl-1.1.1k and not the full name of the package file?

     

    Regards,
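
Added example (not from the thread or from Fortinet): a shell version of the changelog check in the staff reply, pointed at whichever RPM owns a given file, together with the name-version-release split raised in the last post. The function names are hypothetical; `rpm -qf` and `rpm -q --changelog` are standard rpm queries, and the sample changelog line is the one quoted in the thread.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not part of FortiSIEM or rpm.

# Split "name-version-release.arch" and set NAME, VERSION, RELEASE, ARCH.
# A file name such as libcrypto.so.1.1.1k carries only the upstream VERSION;
# a backported fix bumps RELEASE, which exists only in the RPM metadata.
split_nvra() {
    ARCH=${1##*.}
    nvra_rest=${1%.*}
    RELEASE=${nvra_rest##*-}
    nvra_rest=${nvra_rest%-*}
    VERSION=${nvra_rest##*-}
    NAME=${nvra_rest%-*}
}

# Read a package changelog on stdin; succeed if it mentions CVE id $1.
# -w stops CVE-2021-3712 from matching a longer id such as CVE-2021-37120.
changelog_has_cve() {
    grep -qiwF -- "$1"
}

# Check the RPM that owns file $1 for CVE $2 in its changelog.
# Prints "patched <nvra>", "unlisted <nvra>", "unowned" or "no-rpm".
# "unowned" means no package owns the file, so the changelog of the
# distribution's openssl package is not evidence about that file.
check_file_cve() {
    command -v rpm >/dev/null 2>&1 || { echo "no-rpm"; return 3; }
    owner=$(rpm -qf "$1" 2>/dev/null) || { echo "unowned"; return 2; }
    if rpm -q --changelog "$owner" | changelog_has_cve "$2"; then
        echo "patched $owner"
    else
        echo "unlisted $owner"
        return 1
    fi
}

# Offline demo on constructed input (no rpm database needed).
SAMPLE='- Fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings'
split_nvra openssl-1.1.1k-12.el8_9.x86_64
echo "name=$NAME version=$VERSION release=$RELEASE arch=$ARCH"
printf '%s\n' "$SAMPLE" | changelog_has_cve CVE-2021-3712 && echo "changelog lists the fix"

# On the agent host (path taken from the original post):
# check_file_cve /opt/fortinet/fortisiem/linux-agent/lib64/libcrypto.so.1.1.1k CVE-2021-3712
```
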