Hello Fortinet users,
have you read https://fortiguard.com/psirt/FG-IR-18-100 and https://seclists.org/bugtraq/2019/Nov/38 already?
The author of the vulnerability suggests that all information of traffic that is analyzed by "FortiGuard AntiVirus", "FortiGuard AntiSpam" and "FortiGuard Web Filter" is being transfered to Fortinet´s server => really?
There is no limitation mentioned on the homepage of the author, i.e. "FortiCloud logging enabled".
We currently use:
- Fortigate Firewalls with FortiOS 6.0.7
- Web Rating Overrides
- SSL inspection is enabled
- Antivirus-Monitoring WITHOUT "FortiSandbox Cloud for Inspection"
- Anti-Spam WITHOUT "Spam Submission" option
We don´t use:
- FortiCloud for logging
So I´m ask myself if we were ever affected by this issue at all? Does someone knows more?