FortiClient has been alerting me about the following OpenSSL vulnerabilities V 10.0.12

jariya_1 · ‎06-27-2024

Recently, FortiClient has been alerting me about the following OpenSSL vulnerabilities:

OpenSSL CVE-2024-0727 Denial of Service Vulnerability
OpenSSL CVE-2023-5678 Denial of Service Vulnerability Despite updating to FortiClient version 7.0.12, these vulnerabilities are still being flagged, and I am concerned about the security implications for our systems.

ndumaj · ‎06-28-2024

Hi @jariya_1

We have reported this internally and the vulnerable library will be upgraded to the latest version that fixes the vulnerability when FortiClient 7.2.5 is released.

BR

- Happy to help, hit like and accept the solution -

jariya_1 · ‎06-28-2024

Thanks, Ndumaj
What is the difference between 7.2.X and 7.0.X? Please explain to me.

bow_kkraft · ‎07-12-2024

We've received an update for 7.0.13 on our EMS and deployed to test machines, but the vulnerability is still there.

mpapisetty · ‎07-17-2024

The issue is only resolved in 7.2.5 and 7.4.1 versions. Once the releases get published, you can update the same. No fix would be available on 7.0 releases.

HTH
Manoj Papisetty

Daagvandermeer · ‎06-28-2024

7.2.5 is still not available for me in FortiClient EMS

ndumaj · ‎06-28-2024

Hi @Daagvandermeer

It is expected to be released by the end of next month.

BR

- Happy to help, hit like and accept the solution -

Daagvandermeer · ‎06-28-2024

Great... During summer holidays.

ndumaj · ‎06-28-2024

Dear @Daagvandermeer

Please note that this is a current expectation, release dates are not fixed and might be changed without any prior notice.

BR

- Happy to help, hit like and accept the solution -

FortiClient has been alerting me about the following OpenSSL vulnerabilities V 10.0.12

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website