Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Summer 2024 badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiBridge
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDDoS
- FortiDAST
- FortiDB
- FortiDNS
- FortiDevSec
- FortiDeceptor
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGuard
- FortiGate Cloud
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiScan
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiToken
- FortiTester
- FortiWAN
- FortiVoice
- FortiWeb
- FortiWebCloud
- RMA Information and Announcements
- Wireless Controller
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Clarity for PSIRT advisory FG-IR-23-446
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Clarity for PSIRT advisory FG-IR-23-446
Please advise if the vulnerability affects forwarded traffic or only local traffic to the fortigate.
Any advice on workarounds would be appreciated as well.
Thank you.
Labels:
- Labels:
-
FortiGate
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi jmiezitis,
You can check the link: https://www.fortiguard.com/psirt/FG-IR-23-446
You need to upgrade your device, as advised.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The advice is to upgrade to a "feature" version we are running "mature" and previous Fortinet advice has been to run "mature" versions in production environments.
Thoughts?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortinet recommends to use the mature version as you mentioned but on this case a vulnerability was discovered on it, so to fix you need to upgrade to a feature version and the feature version has the fix for FG-IR-23-446
On link sent the severity of this vulnerability is marked as low, you are the right person, once you know your environment to decided if you should take the risk of running a mature version affected by FG-IR-23-446 or upgrade to a feature version that has a fix for it.
If you feel that you need some help Fortinet TAM team offers a service called software upgrade recommendation (with bug scrub). That might be what you are looking for.
Here is a link that explain those services: https://community.fortinet.com/t5/Customer-Service/Technical-Tip-Support-Portal-Advanced-Services-Re...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I accept that it is a decision I need to make however I need more information to be able to make that call.
Does the vulnerability affect forwarded traffic or only local traffic to the fortigate?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
After spending a lot of time looking into this I think the clarification I need is around the terminology "IP blocklist". Is this specifically referring to "External Connector/IP Address" feeds?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi jmiezitis,
I believe is just the list of IP that is blocked does not matter how (local-in policy or normal firewall policy). I requested a clarification to our internal team regarding your previous question but I haven't heard yet. If you have access to Fortinet support, just raise a ticket, this will speed up the process.
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- FortiGate 121G "hardware switch" feature? 293 Views
- Clarity on Vulnerability FG-IR-23-225 376 Views
- Clarity on Symmetric and Asymmetric Routing... 611 Views
- FortiAnalyzer HA can't work 868 Views
Labels
-
FortiGate
7,512 -
FortiClient
1,477 -
5.2
801 -
FortiManager
641 -
5.4
639 -
FortiAnalyzer
487 -
6.0
416 -
FortiAP
390 -
FortiSwitch
388 -
5.6
362 -
FortiClient EMS
319 -
FortiMail
288 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
182 -
FortiNAC
139 -
SSL-VPN
131 -
6.4
128 -
IPsec
127 -
FortiGuard
122 -
FortiGateCloud
97 -
FortiCloud Products
93 -
FortiSIEM
91 -
FortiToken
80 -
Customer Service
73 -
Wireless Controller
68 -
SD-WAN
66 -
4.0MR3
64 -
FortiProxy
54 -
FortiEDR
48 -
FortiADC
48 -
FortiAuthenticator
47 -
Fortivoice
46 -
FortiDNS
43 -
Firewall policy
41 -
FortiSandbox
39 -
FortiExtender
39 -
VLAN
37 -
FortiGate v5.4
36 -
High Availability
34 -
FortiSwitch v6.4
32 -
DNS
28 -
BGP
27 -
LDAP
27 -
FortiConnect
26 -
ZTNA
26 -
FortiGate v5.2
24 -
FortiWAN
24 -
Routing
24 -
FortiConverter
23 -
Interface
23 -
SAML
22 -
Certificate
22 -
Authentication
21 -
FortiSwitch v6.2
20 -
NAT
20 -
VDOM
19 -
FortiLink
19 -
FortiPortal
18 -
RADIUS
16 -
Logging
16 -
FortiMonitor
16 -
Virtual IP
16 -
Web profile
16 -
FortiGate v5.0
15 -
SSL SSH inspection
15 -
Fortigate Cloud
14 -
FortiDDoS
14 -
SSO
14 -
Application control
14 -
Traffic shaping
13 -
FortiManager v5.0
12 -
FortiCASB
12 -
IP address management - IPAM
11 -
FortiRecorder
10 -
SSID
10 -
Static route
10 -
WAN optimization
10 -
4.0MR2
9 -
FortiGate v4.0 MR3
9 -
FortiAnalyzer v5.0
9 -
FortiSOAR
9 -
FortiWeb v5.0
9 -
SNMP
9 -
RMA Information and Announcements
9 -
OSPF
9 -
FortiAP profile
9 -
FortiManager v4.0
8 -
FortiBridge
8 -
Admin
8 -
Security profile
8 -
Proxy policy
8 -
Web application firewall profile
8 -
4.0
7 -
FortiCache
7 -
Automation
7 -
trunk
6 -
IPS signature
6 -
Antivirus profile
6 -
Traffic shaping policy
6 -
System settings
6 -
FortiCarrier
5 -
FortiDirector
5 -
DNS Filter
5 -
Packet capture
5 -
FortiPAM
5 -
FortiTester
5 -
Users
5 -
Port policy
5 -
Intrusion prevention
5 -
Fortinet Engage Partner Program
5 -
3.6
4 -
FortiDeceptor
4 -
FortiToken Cloud
4 -
FortiScan
4 -
Explicit proxy
4 -
Traffic shaping profile
4 -
Application signature
4 -
DLP sensor
4 -
DoS policy
4 -
Web rating
4 -
FortiInsight
3 -
FortiDB
3 -
FortiCWP
3 -
FortiHypervisor
3 -
NAC policy
3 -
Authentication rule and scheme
3 -
DLP Dictionary
3 -
DLP profile
3 -
Email filter profile
3 -
Fabric connector
3 -
File filter
3 -
Multicast routing
3 -
FortiAI
2 -
FortiNDR
2 -
Internet service database
2 -
Netflow
2 -
Protocol option
2 -
Replacement messages
2 -
Schedule
2 -
Service
2 -
VoIP profile
2 -
Zone
2 -
4.0MR1
1 -
FortiManager-VM
1 -
Kerberos
1 -
RIP
1 -
Subscription Renewal Policy
1 -
Video Filter
1 -
TACACS
1 -
SDN connector
1 -
Multicast policy
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1276 | |
| 943 | |
| 676 | |
| 441 | |
| 177 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.