Frédéric Prevost

**Name of the Vulnerable Software and Affected Versions** Fortinet FortiManager versions 7.4.0 through 7.4.1 and before 7.2.5 Fortinet FortiAnalyzer versions 7.4.0 through 7.4.1 and before 7.2.5 Fortinet FortiAnalyzer-BigData before 7.2.5 **Description** The issue is related to the exposure of sensitive information to unauthorized actors. It allows an adom administrator to enumerate other adoms and device names via crafted HTTP or HTTPS requests. This can be exploited by a remote attacker to disclose protected information. **Recommendations** For Fortinet FortiManager versions 7.4.0 through 7.4.1 and before 7.2.5, update to a version that includes the fix for this issue. For Fortinet FortiAnalyzer versions 7.4.0 through 7.4.1 and before 7.2.5, update to a version that includes the fix for this issue. For Fortinet FortiAnalyzer-BigData before 7.2.5, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to crafted HTTP or HTTPS requests to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Fortinet FortiManager versions 7.4.0 and before 7.2.3 Fortinet FortiAnalyzer versions 7.4.0 and before 7.2.3 **Description** The issue is related to the implementation of client-side security features. It may allow a remote attacker with low privileges to access a privileged web console via client-side code execution. This is due to a client-side enforcement of server-side security vulnerability. **Recommendations** For Fortinet FortiManager versions 7.4.0 and before 7.2.3, update to a version after 7.2.3 to resolve the issue. For Fortinet FortiAnalyzer versions 7.4.0 and before 7.2.3, update to a version after 7.2.3 to resolve the issue. As a temporary workaround, consider restricting access to the web console to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FortiManager versions 7.4.0 and before 7.2.3 FortiAnalyzer versions 7.4.0 and before 7.2.3 **Description** The issue is related to an authorization bypass through user-controlled key, allowing a remote attacker with low privileges to read sensitive information via crafted HTTP requests. This is due to an error in processing keys controlled by the user. The exploitation of this issue can enable a remote attacker to access confidential data. **Recommendations** For FortiManager versions 7.4.0 and before 7.2.3, update to a version that includes the fix for this issue. For FortiAnalyzer versions 7.4.0 and before 7.2.3, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to sensitive information until a patch is available.

**Name of the Vulnerable Software and Affected Versions** FortiAnalyzer versions 7.2.0 through 7.2.3 and before 7.0.8 FortiAnalyzer version 7.4.0 FortiManager versions 7.2.0 through 7.2.3 and before 7.0.8 FortiManager version 7.4.0 **Description** A server-side request forgery issue allows a remote attacker with low privileges to view sensitive data from internal servers or perform a local port scan via a crafted HTTP request. The vulnerability is related to insufficient validation of incoming requests. **Recommendations** For FortiAnalyzer versions 7.2.0 through 7.2.3 and before 7.0.8, update to a version that includes the fix for this issue. For FortiAnalyzer version 7.4.0, update to a version that includes the fix for this issue. For FortiManager versions 7.2.0 through 7.2.3 and before 7.0.8, update to a version that includes the fix for this issue. For FortiManager version 7.4.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the vulnerable HTTP request functionality until a patch is available.