The latest build of FortiClient EMS ships apache version 2.4.54, which is vulnerable to CVE-2023-25690 and others.
Is there a planned fix, or is it possible to upgrade apache independently to the rest of the application?
Thanks.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
This is fixed from 7.2.1 versions and that is the latest build for EMS. Are you saying you are seeing the issue on 7.2.1 or 7.2.0 ?
Hello greeve,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
This is fixed from 7.2.1 versions and that is the latest build for EMS. Are you saying you are seeing the issue on 7.2.1 or 7.2.0 ?
Thanks for the help srajeswaran. The issue was on 7.2.0, apologies for not being specific. There was no 7.2.1 at the time; looks like it was released on the day I asked the question.
Suraj,
Do you know where I can find a table or document that shows the Apache versions associated with the EMS version? The 7.2.1 release is brand new and we prefer to test new releases for a few months prior to whitelisting them for deployment so if 7.0.8's Apache build will also resolve the issue we'd deploy it instead. Any sort of document showing the EMS/Apache build versions together would be a big help.
Regards,
Blake Webb
I'm afraid I don't know. In fact I haven't seen httpd or Apache mentioned at all in any documentation I've read.
Hello Blake,
I can't see any table/document for Apache and EMS versions, but I can see that the fix for this issue is in 7.0.9 (release expected this week).
Dear Suraj,
One of our customer having EMS 7.0.8. Are we still need to upgrade the EMS?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.