Hi,
I'm testing the FortiClient EMS solution on a trial license. After updating to version 7.2.6, the system detected the PHP CVE-2024-11236 Out of Bounds Write Vulnerability. Is there a way to report this to have the vulnerable application version updated?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @Andrzej_PL ,
Thanks for reporting this vulnerability.
We have this Mantis 1089768 tracking this issue. The fix will be included in FortiClient EMS 7.2.7 GA.
Hi,
Please refer:-
https://www.fortiguard.com/encyclopedia/endpoint-vuln/82436
I do not see forticlient ems is affected
ok but it is scan result on ems server - version 7.2.6 is windows platform
This Forticlient is install in the wins server where EMS server is setup?
exactly
so... any ideas?
Hi @Andrzej_PL ,
Thanks for reporting this vulnerability.
We have this Mantis 1089768 tracking this issue. The fix will be included in FortiClient EMS 7.2.7 GA.
Hi,
unfortunately, the problem remains in the new client version 7.2.7 - the version of the php application with the given vulnerability is still used. php.exe must be in version 8.3.14, and it is in 8.3.13
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.