QID 43919

Date Published: 2022-10-17

QID 43919: FortiOS Transmission Control Protocol (TCP) Middlebox Reflection Vulnerability (FG-IR-22-073)

An improper verification of source of a communication channel vulnerability [CWE-940] in FortiOS may allow a remote and unauthenticated attacker to trigger the sending of "blocked page" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim. This is possible only if at least one firewall policy has inspection mode set to flow-based (the default) AND at least one Security Profile is enabled (Web Filter, AntiVirus, IPS, DLP, Application Control, SSL, File filter).

Affected Products:
FortiOS version 7.2.0
FortiOS version 7.0.0 through 7.0.5
FortiOS version 6.4.0 through 6.4.8
FortiOS version 6.2.0 through 6.2.10
FortiOS version 6.0.0 through 6.0.14

QID Detection Logic (Authenticated):
Detection checks for vulnerable version of FortiOS.

Note: Detection is marked potential because the signature does not check whether at least one firewall policy has inspection mode set to flow-based AND at least one Security Profile is enabled.

A vulnerable version of FortiOS may allow a remote and unauthenticated attacker to trigger the sending of "blocked page" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim.
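The detection logic above is a version check that cannot see the two configuration preconditions, so its result is only a potential finding. The following added example (not Qualys's or Fortinet's code) encodes the affected ranges listed on this page, parses a FortiOS version string, and reports whether a host is not affected, a potential (version-only) match, or, when an operator supplies the two precondition answers from their own configuration review, vulnerable or mitigated by configuration; the `flow_policy` and `profile_enabled` inputs are assumptions supplied by the caller, not anything the signature reads.

```python
"""Version-range check for QID 43919 / FG-IR-22-073 (added example, not vendor code)."""
from typing import Optional, Tuple

# Affected ranges exactly as listed on the page, inclusive on both ends.
# 7.2.0 is a single affected version, so its range collapses to one point.
AFFECTED_RANGES = [
    ((7, 2, 0), (7, 2, 0)),
    ((7, 0, 0), (7, 0, 5)),
    ((6, 4, 0), (6, 4, 8)),
    ((6, 2, 0), (6, 2, 10)),
    ((6, 0, 0), (6, 0, 14)),
]


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse '7.0.5', 'v7.0.5' or 'v7.0.5,build0304' into (major, minor, patch)."""
    core = text.strip().lstrip("v").split(",")[0].split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiOS version string: {text!r}")
    return int(parts[0]), int(parts[1]), int(parts[2])


def is_affected_version(text: str) -> bool:
    """True when the version falls inside any affected range (tuple comparison)."""
    v = parse_version(text)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def assess(version: str,
           flow_policy: Optional[bool] = None,
           profile_enabled: Optional[bool] = None) -> str:
    """Classify a host.

    'not affected'        - version outside every affected range
    'potential'           - affected version, preconditions unknown (what the QID reports)
    'vulnerable'          - affected version, flow-based policy AND a Security Profile enabled
    'mitigated by config' - affected version, but at least one precondition is false
    The two precondition flags are assumptions the operator fills in from a config review.
    """
    if not is_affected_version(version):
        return "not affected"
    if flow_policy is None or profile_enabled is None:
        return "potential"
    return "vulnerable" if (flow_policy and profile_enabled) else "mitigated by config"
```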

CVSS V3 rated as High - 7.5 severity.
CVSS V2 rated as High - 7.8 severity.

Solution:
Vendor has released fixes to address this vulnerability.
For more details refer to advisory FG-IR-22-086.

Vendor References:
Advisory ID: FG-IR-22-073
Link: www.fortiguard.com/psirt/FG-IR-22-073