nick22d - Thanks for the reply. Unfortunately, as a large MSSP for predominately financial institutions, we cannot upgrade our customers' Fortigates to a new FortiOS just because it's the "latest version". All the HA and GUI bugs that arose in FortiOS v5.4.6 and v5.4.7 are great examples of why one should not blindly upgrade to the new firmware iteration before extensive testing is complete.
Hi,
both CVEs are now public:
https://fortiguard.com/psirt/FG-IR-17-231
https://fortiguard.com/psirt/FG-IR-17-245
Regards
bommi
NSE 4/5/7
we upgrade our forti OS form 5.4.8 to 5.4.9
Reason for the upgrade is a potentially vulnerable leak.
https://fortiguard.com/psirt/FG-IR-17-160
Has anyone upgraded to v5.4.9? Is anyone experiencing any issues with v5.4.8 to justify upgrading to v5.4.9?
Our organization recently adopted v5.4.8 and have not experienced any issues as of late with approximately 100+ Fortigates of varying models running full UTMs.
It is generally considered a best practice to keep your Fortigate up to date with the latest version installed. One of the main benefits is patching previously discovered vulnerabilities. Have a look at the link below for issues related to specific versions of Fortigate:
[link]https://fortiguard.com/[/link]
NSE5, CCSE, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3
nick22d - Thanks for the reply. Unfortunately, as a large MSSP for predominately financial institutions, we cannot upgrade our customers' Fortigates to a new FortiOS just because it's the "latest version". All the HA and GUI bugs that arose in FortiOS v5.4.6 and v5.4.7 are great examples of why one should not blindly upgrade to the new firmware iteration before extensive testing is complete.
There are two CVE's i can't find any information on, only that the numbers are reserved.
Anyone know more?
2017-14185 2017-14187
Upgraded a couple of development / test firewalls from 5.4.8 to 5.4.9. Don't see any issues associated to the upgrade.
Will report as I ssslllloooowwwwllly roll this upgrade out to various production firewalls.
-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
Rolled this version out everywhere. No issues.
-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
Same here - rolled out in weekend on a 100d cluster and no issues - my problem with the browser crashing when looking at fortiview cloud applications isnt fixed :(
Since upgrade to 5.4.9, some VPN SSL users complain that they are frequently disconnected.
do you have same issue ?
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Just check if you see an crash of the sslvpnd using this command:
diag debug crashlog read
Regards
bommi
NSE 4/5/7
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.