[SECURITY-L] Fortinet Releases Security Updates for Multiple Products
CSIRT Unicamp
security em unicamp.br
Segunda Outubro 16 09:31:16 -03 2023
Fortinet Releases Security Updates for Multiple Products
<https://www.cisa.gov/news-events/alerts/2023/10/11/fortinet-releases-security-updates-multiple-products>
10/12/2023 01:00 PM EDT
Fortinet has released security advisories addressing vulnerabilities in
multiple products. These vulnerabilities may allow cyber threat actors to
take control of the affected systems.
CISA encourages users and administrators to review the following Fortinet
security advisories and apply the recommended updates:
- FG-IR-23-189 <https://www.fortiguard.com/psirt/FG-IR-23-189>:
FortiManager, FortiAnalyzer – Path traversal via unrestricted file upload
- FG-IR-23-062 <https://www.fortiguard.com/psirt/FG-IR-23-062>:
FortiManager – Improper inter ADOM access control
- FG-IR-23-167 <https://www.fortiguard.com/psirt/FG-IR-23-167>:
FortiManager, FortiAnalyzer – OS command injection
- FG-IR-22-352 <https://www.fortiguard.com/psirt/FG-IR-22-352>:
FortiManager, FortiAnalyzer, FortiADC – Command injection due to an unsafe
usage of function
- FG-IR-23-318 <https://www.fortiguard.com/psirt/FG-IR-23-318>: FortiOS
– Improper authorization via prof-admin profile
- FG-IR-23-085
<https://fortiguard.fortinet.com/psirt/FG-IR-23-085>: FortiSIEM
- Multiple path traversal vulnerabilities
This product is provided subject to this Notification
<https://www.cisa.gov/notification> and this Privacy & Use
<https://www.cisa.gov/privacy-policy> policy.
===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20231016/34e38a6c/attachment.html>
Mais detalhes sobre a lista de discussão SECURITY-L