Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
lubyou
New Contributor

FortiOS 5.0.5+ and CVE-2014-0160

Hello, I currently have a few fortigates running 5.0.5, which are vulnerable to CVE-2014-0160. I guess that 5.0.6 is vulnerable as well, can anybody confirm? Any indication when new firmwares are going to be released?
14 REPLIES 14
mhe
Contributor II

Yes, 5.0 is vulnerable. Patched Firmware Images should be available April 9, at 5PM Pacific Daylight Time. martin
Carl_Wallmark
Valued Contributor

Yes, 5.0.7 will be released today to fix the issue. While waiting, you can go here and apply some workarounds: http://www.fortiguard.com/advisory/FG-IR-14-011/

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
lubyou
New Contributor

Okay, thank you.
harald21
Contributor

5.0.7 is out
Carl_Wallmark
Valued Contributor

but not for FG200B

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
Dipen
New Contributor III

I think there is no version 5.x for 200B at all... Good news is that ver 4.x is not Vulnerable to Heartbleed.

Ahead of the Threat. FCNSA v5 / FCNSP v5

Fortigate 1000C / 1000D / 1500D

 

Ahead of the Threat. FCNSA v5 / FCNSP v5 Fortigate 1000C / 1000D / 1500D
wengert
New Contributor

I opened a ticket about the missing 200B-Firmware this Morning. Answer: Dear Customer, There has been issue on the support portal and 5.0.7 GA release is missing. Our team is working on it and downloadable patch release will be available on Fortinet’s support portal later today Thank You.
Carl_Wallmark
Valued Contributor

I got the same thing

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
rwpatterson
Valued Contributor III

It' s there now...

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Labels
Top Kudoed Authors