Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
EHoegee
New Contributor II

CVE-2023-27997

Is there any official report on this that comes from Fortinet?

I see a lot of people patching but so far no report from Fortinet.

 

Thank you in advance,

 

Evert

1 Solution
Late2IT
New Contributor

14 REPLIES 14
freddelm
New Contributor II

Also Does the Vulnerability apply if SSL-VPN is not enabled on the Fortigate?

 

My config is 

 

config vpn ssl settings

set status disable

JS_DC
New Contributor

Also curious about this.  We disabled SSL-VPN after the last public vulnerability as a mitigation and left it disabled. 

Toshi_Esumi
Esteemed Contributor III

It seems to come out tomorrow in I guess US time.
https://www.helpnetsecurity.com/2023/06/11/cve-2023-27997/

 

Toshi

EHoegee
New Contributor II

Yes, that is indeed also what I got back from Support!

Late2IT
New Contributor

EHoegee
New Contributor II

You saved my day!

EHoegee
New Contributor II

Toshi_Esumi
Esteemed Contributor III

Can someone from FTNT tell us when those release notes would be updated to include "no longer vulnerable" statement in? Don't seem to be updated yet.

 

Toshi

Toshi_Esumi
Esteemed Contributor III

I now see the release notes are updated to include the fixes.

 

Thanks,

 

 

Toshi

Labels
Top Kudoed Authors