Skip to main content
StevenT
StevenT
Explorer II
September 4, 2023
Solved

Anyone know about the OpenSSH in fortigate or fortimanager?

  • September 4, 2023
  • 1 reply
  • 6995 views

Hi,

 

We had hired VAPT to test and below is the report from them.

Fortigate 7.0.11 & Fortimanager 7.0.10

 

Does anyone know about this?

How to find out the OpenSSH version (not referring to SSH protocol version 2) used in Fortigate?

Or does fortigate uses any OpenSSH?

As OpenSSH v7.9 is affected by the vulnerability, CVE-2019-6111.
If it’s affected, what is the workaround to mitigate from attacks?

Thank you

 

Category: A06:2021-Vulnerable and Outdated Components
Vul Findings:
Vulnerable OpenSSH Version

The installed version of OpenSSH is affected by multiple vulnerabilities

- logic error
- out-of-bouns read
- double-free memory fault
- fail open permission list
- one-byte overflow
- double free in error path
- integer overflow
- improper group inheritance
- exploitation of low-privilege code
- double-free memory corruption
- CVE-2020-14871
- integer overflow
- memory side-channel attack
- CVE-2019-6111
- zero-length files creation

Best answer by spoojary

Fortinet FortiGate devices do use SSH for remote management and configuration purposes. However, they do not use OpenSSH, which is a common open-source implementation of SSH used on many Unix-based systems. Fortinet has its own proprietary implementation of SSH for their devices.

Regarding the specific CVE-2019-6111 vulnerability you mentioned, it's important to note that it applies to the OpenSSH project and not Fortinet's SSH implementation. Fortinet typically keeps its software components up to date and issues security patches as needed.

To address the findings from the VAPT report:

  1. Verify Fortinet's Security Advisories: Check Fortinet's official security advisories and release notes for the FortiGate and FortiManager products. Look for any mentions of security vulnerabilities and updates related to the SSH implementation.

  2. Apply Relevant Updates: If there are security updates or patches available from Fortinet that address the vulnerabilities mentioned in the report, apply them to your FortiGate and FortiManager devices. This will help mitigate the security risks associated with these vulnerabilities.

  3. Consult Fortinet Support: If you are uncertain about the status of your devices or how to apply updates, it's advisable to contact Fortinet support or your Fortinet account representative for guidance and assistance.

  4. Regularly Monitor for Security Updates: Stay informed about security updates for your Fortinet devices and ensure that you have a process in place to apply them in a timely manner to maintain the security of your network infrastructure.

Remember that addressing security vulnerabilities is critical to maintaining a secure network environment, so it's important to act promptly and follow best practices for keeping your devices up to date with security patches.

1 reply

spoojary
Staff
spoojaryAnswer
Staff
September 4, 2023

Fortinet FortiGate devices do use SSH for remote management and configuration purposes. However, they do not use OpenSSH, which is a common open-source implementation of SSH used on many Unix-based systems. Fortinet has its own proprietary implementation of SSH for their devices.

Regarding the specific CVE-2019-6111 vulnerability you mentioned, it's important to note that it applies to the OpenSSH project and not Fortinet's SSH implementation. Fortinet typically keeps its software components up to date and issues security patches as needed.

To address the findings from the VAPT report:

  1. Verify Fortinet's Security Advisories: Check Fortinet's official security advisories and release notes for the FortiGate and FortiManager products. Look for any mentions of security vulnerabilities and updates related to the SSH implementation.

  2. Apply Relevant Updates: If there are security updates or patches available from Fortinet that address the vulnerabilities mentioned in the report, apply them to your FortiGate and FortiManager devices. This will help mitigate the security risks associated with these vulnerabilities.

  3. Consult Fortinet Support: If you are uncertain about the status of your devices or how to apply updates, it's advisable to contact Fortinet support or your Fortinet account representative for guidance and assistance.

  4. Regularly Monitor for Security Updates: Stay informed about security updates for your Fortinet devices and ensure that you have a process in place to apply them in a timely manner to maintain the security of your network infrastructure.

Remember that addressing security vulnerabilities is critical to maintaining a secure network environment, so it's important to act promptly and follow best practices for keeping your devices up to date with security patches.

Terms & ConditionsAccessibility statement