https://fortiguard.com/psirt/FG-IR-19-144
https://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=FD45293
How are people acting on this? Are you upgrading / have already upgraded? How have you upgraded?
The advisory is quite vague in its explanation of the issue and quite strong in the advice to upgrade NOW, in my opinion. If it just involves a failure to properly check revoked certificates, then that would mainly affect client cert authentication (yes, it affects server certificates, but exploits there would involve some man-in-the-middle magic). Which you can easily check if you use it and then choose not to upgrade. But if it would be just that, I can't imagine an advisory of this level.
Next to that, the interesting line on the manual upgrade: mentioning TFTP and USB, but not mentioning HTTPS (regular file upload), so is that OK or not? Why would you omit the most common way (next to download from FortiGuard) if it is allowed?
PS: I have a ticket with support open, but looking for community input.
Pretty bad description indeed. Could be OCSP, CRL request ... or updates to FortiGuard Servers ... or ...
How can an administrator decide to upgrade or not based on the provided information?
Thanks for providing us your ticket output.
Bump
It looks like one of their workarounds is the IPS signature, and looking into that sig, they specify revoked Fortinet certificates. So I would assume as long as you aren't using Fortinet certs for anything you should be fine.
I won't be rushing to upgrade for this.
The whole situation feels kinda weird. Critical bulletin, but medium IPS signature.
Support did say it only involves Fortinet certificates indeed. They also indicated it mainly revolves around authentication with certificates.
Still, if that is it, why the critical bulletin? Don't get it.
Copyright 2024 Fortinet, Inc. All Rights Reserved.