An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxys disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Fortios | Fortinet | * | 5.2.12 (including) |
| Fortios | Fortinet | 5.4.6 (including) | 5.4.7 (including) |
| Fortios | Fortinet | 5.6.1 (including) | 5.6.3 (including) |
References
- http://www.securityfocus.com/bid/106036
- https://fortiguard.com/advisory/FG-IR-18-325
- https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt
- http://www.securityfocus.com/bid/106036
- https://fortiguard.com/advisory/FG-IR-18-325
- https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt