
Vulnerability found in security and load balancing appliance FortiADC E

Severity: High (can partially compromise system)

Affects:
FortiADC-E with firmware 3.1.1 and prior
Coyote Point Equalizer with firmware 10.2.0a

A platform-specific security vulnerability has been discovered that permits a remote attacker to gain access to currently configured subnets. An unprivileged user may be able to inject packets into any network configured on FortiADC, or may be able to communicate with hosts present on networks configured on FortiADC. This vulnerability is present on all FortiADC-E models running any release since (and including) 3.1.1. (1230888)


This issue has been reported in advisory CVE-2014-8582.

RECOMMENDATION

Upgrade to 4.0.5 (FortiADC-E only) or apply the patch provided on the Fortinet Support site. The patch and supporting documentation are available in the FortiADC-E and CoyotePoint firmware download directories, accessible from https://support.fortinet.com. The following files are available:

For FortiADC-E hardware:

FortiADC_4.0_build0027_upgrade_release.tar.gz

FortiADC-E-4 0 4-GA-Release-Notes.pdf

For CoyotePoint hardware and Equalizer OnDemand:

10.3.0g-RELEASE.tgz

10.3.0g-250GX.tgz

relnotes_10.3.0.pdf


Workaround

Disable administrative access on all interfaces connecting to insecure networks.

From the GUI, navigate to that subnet's configuration page and disable the following flags: SSH, HTTP, HTTPS, SNMP

From the CLI, enter the subnet context and execute "services !ssl, !http, !https, !snmp" followed by "commit".
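As an added audit helper (not part of the advisory and not Fortinet code), the following Python script checks a subnet inventory for the condition the workaround addresses: administrative services still enabled on a subnet that is not inside a trusted network. The inventory format, the trusted-network list and the sample data are constructed assumptions; only the service names (SSH/HTTP/HTTPS/SNMP in the GUI, the "services !ssl, !http, !https, !snmp" and "commit" CLI lines) come from the advisory, and the CLI step that enters the subnet context is left to the operator because the advisory gives no syntax for it.

```python
"""Audit helper for the advisory's workaround: find subnets on untrusted networks
that still expose administrative services, and emit the advisory's CLI lines.
Inventory format, trusted-network list and sample data are constructed assumptions."""
import ipaddress

# GUI flags named in the advisory (inventory keys) and the CLI tokens it gives.
ADMIN_SERVICES = ("ssh", "http", "https", "snmp")
CLI_DISABLE_LINE = "services !ssl, !http, !https, !snmp"


def find_exposed_subnets(inventory, trusted_networks):
    """Return {subnet_name: [enabled admin services]} for every subnet that is
    not fully contained in a trusted network but still has admin access on."""
    trusted = [ipaddress.ip_network(n) for n in trusted_networks]
    exposed = {}
    for name, cfg in inventory.items():
        net = ipaddress.ip_network(cfg["network"])
        # subnet_of() only compares same-version networks, so filter on version first.
        if any(t.version == net.version and net.subnet_of(t) for t in trusted):
            continue  # interface faces a trusted network; admin access is acceptable
        enabled = [s for s in ADMIN_SERVICES if cfg["services"].get(s, False)]
        if enabled:
            exposed[name] = enabled
    return exposed


def remediation_commands(exposed):
    """Per exposed subnet, the two CLI lines the advisory gives; the operator
    enters that subnet's context first (syntax not given in the advisory)."""
    return {name: [CLI_DISABLE_LINE, "commit"] for name in sorted(exposed)}


# Constructed sample inventory (RFC 1918 / documentation ranges, not real hosts).
SAMPLE_INVENTORY = {
    "mgmt":        {"network": "10.0.10.0/24",    "services": {"ssh": True, "https": True}},
    "internal-lb": {"network": "10.0.20.0/24",    "services": {"ssh": True}},
    "dmz":         {"network": "203.0.113.0/24",  "services": {"http": True, "https": True, "snmp": True}},
    "partner":     {"network": "198.51.100.0/25", "services": {"ssh": False, "http": False}},
}
SAMPLE_TRUSTED = ["10.0.0.0/16"]

if __name__ == "__main__":
    hits = find_exposed_subnets(SAMPLE_INVENTORY, SAMPLE_TRUSTED)
    for subnet, cmds in remediation_commands(hits).items():
        print(f"{subnet}: admin services {hits[subnet]} enabled on untrusted network")
        print("  " + "\n  ".join(cmds))
```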