FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
fropert_FTNT
Staff
Staff
Article Id 190649
Description
The BeyondTrust Retina scanner reports that FortiManager is vulnerable to multiple OpenSSH vulnerabilities.

It includes CVE-2015-5352, CVE-2015-5600, CVE-2015-6564 and CVE-2015-6565.

Solution
The current version of OpenSSH embedded in FortiManager is customized and protected from latest vulnerabilities despite the SSH banner showing OpenSSH 6.0p1.

  • CVE-2015-5352 requires X11 connections to be enabled in the OpenSSH configuration.

    FortiManager does not permit X11 connections and is not vulnerable.

  • CVE-2015-5600 relies on the misuse of the OpenSSH keyboard-interactive authentication with the MaxAuthTries setting to trigger a bruteforce attack.

    The OpenSSH embedded in FortiManager uses a custom protection to prevent any bruteforce attack.  FortiManager is not prone to this vulnerability.

  • CVE-2015-6564 is exploitable with the OpenSSH portable version.

    FortiManager does not use the OpenSSH portable version and is not vulnerable.

  • CVE-2015-6565 concerns only OpenSSH 6.8 and 6.9.

    FortiManager does not use these OpenSSH version.

After further investigation, this proves to be false positive.

All supported versions of FortiManager are not vulnerable.

Contributors