
====================================================================

                             CERT-Renater

                 Information Note No. 2020/VULN535
_____________________________________________________________________

DATE                : 24/09/2020

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running FortiGate versions prior to 6.4.1.

=====================================================================
https://fortiguard.com/psirt/FG-IR-20-033
_____________________________________________________________________


FortiGate fails to log traffic for Fortinet owned IP address range

IR Number : FG-IR-20-033

Date      : Sep 23, 2020

Risk      : 1/5

Impact    : Insufficient Logging

CVE ID    : CVE-2020-12818 (disputed)


Summary

An insufficient logging vulnerability in FortiGate may allow traffic
from an unauthenticated attacker to Fortinet-owned IP addresses to go
unnoticed.


Impact

Insufficient Logging


Affected Products

FortiGate versions 6.2.4 and below. FortiGate version 6.4.0.


Solutions

Please upgrade to 6.4.1 or above, then add the dynamic firewall address
"FCTEMS_ALL_FORTICLOUD_SERVERS", which includes all FortiGuard servers,
to the policy so that traffic to Fortinet IP addresses is logged.
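
One way to check a configuration backup against the solution above, as an added example that is not part of the advisory or Fortinet's own tooling. It assumes the usual "#config-version=" backup header and the "config firewall policy" block layout, and treats "set logtraffic all" as the setting that records every session; the sample backup is constructed.

```python
import re
import shlex

ADDR = "FCTEMS_ALL_FORTICLOUD_SERVERS"  # address object named in the advisory
# Constructed sample backup: model, build and policy are placeholders.
SAMPLE_CONFIG = '''\
#config-version=FGT60E-6.4.1-FW-build0000-000000:opmode=0:vdom=0
config firewall policy
    edit 2
        set dstaddr "FCTEMS_ALL_FORTICLOUD_SERVERS"
    next
end
'''

def firmware_version(config):  # (major, minor, patch) from the backup header
    m = re.search(r"^#config-version=[^-]+-(\d+)\.(\d+)\.(\d+)-", config, re.M)
    return tuple(map(int, m.groups())) if m else None

def is_affected(version):  # advisory: 6.2.4 and below, and 6.4.0
    return version <= (6, 2, 4) or version == (6, 4, 0)

def parse_policies(config):  # {policy_id: {setting: [values]}}
    policies, current, inside = {}, None, False
    for line in config.splitlines():
        tok = shlex.split(line)
        if tok[:3] == ["config", "firewall", "policy"]:
            inside = True
        elif inside and tok[:1] == ["edit"]:
            current = policies.setdefault(tok[1], {})
        elif inside and tok[:1] == ["set"] and current is not None:
            current[tok[1]] = tok[2:]
        elif inside and tok[:1] == ["end"]:
            inside = False
    return policies

def audit(config):  # gaps between a backup and the advisory's solution
    findings = []
    version = firmware_version(config)
    if version is None or is_affected(version):
        findings.append(f"firmware {version}: upgrade to 6.4.1 or above")
    hits = {i: p for i, p in parse_policies(config).items()
            if ADDR in p.get("dstaddr", [])}
    if not hits:
        findings.append(f"no policy has {ADDR} as destination")
    for pid, pol in hits.items():
        # Assumption: no explicit 'set logtraffic' means the default, utm.
        mode = pol.get("logtraffic", ["utm"])[0]
        if mode != "all":
            findings.append(f"policy {pid}: logtraffic is {mode}, not all")
    return findings
```

An empty list from audit() means the backup shows a fixed firmware version and at least one policy that references the address object with full traffic logging.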


Acknowledgement

Fortinet is pleased to thank Michael Weinstein from NetTects LLC for
reporting this vulnerability under responsible disclosure.


=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================


