Fortinet FortiSOAR Server-Side Request Forgery Vulnerability

Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in multiple versions of Fortinet FortiSOAR, both PaaS and on-premise. This vulnerability allows authenticated attackers to discover services running on local ports by sending crafted requests. Affected versions include FortiSOAR PaaS 7.6.4, 7.6.0 through 7.6.2, 7.5.0 through 7.5.2, 7.4 all versions, 7.3 all versions, as well as FortiSOAR on-premise 7.6.4, 7.6.0 through 7.6.2, 7.5.0 through 7.5.2, 7.4 all versions, and 7.3 all versions.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure by allowing attackers to access and identify services running on local ports.

Remediation

Users can upgrade to FortiSOAR PaaS 7.6.5, 7.6.3, or FortiSOAR on-premise 7.6.5, 7.5.3, depending on their current version. For those on FortiSOAR PaaS or on-premise 7.4 or 7.3, migration to a fixed release is recommended.
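The affected ranges and fixed releases above, turned into an inventory check. This is an added example, not Fortinet's or this page's own code; the host names, the `-build` suffix handling and the status labels are assumptions.

```python
import re

# Inclusive (low, high) ranges transcribed from the advisory; it lists the
# same ranges for both PaaS and on-premise deployments.
AFFECTED_RANGES = [
    ((7, 6, 4), (7, 6, 4)),
    ((7, 6, 0), (7, 6, 2)),
    ((7, 5, 0), (7, 5, 2)),
]
# Branches where the advisory says all versions are affected (migrate).
MIGRATE_BRANCHES = {(7, 4), (7, 3)}
# Fixed releases exactly as the Remediation section lists them.
FIXED = {"paas": ["7.6.5", "7.6.3"], "on-premise": ["7.6.5", "7.5.3"]}


def parse_version(text):
    """Parse '7.6.2' or '7.6.2-1234' (build suffix is an assumed format)."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    patch = int(m.group(3)) if m.group(3) is not None else None
    return int(m.group(1)), int(m.group(2)), patch


def triage(version_text, deployment):
    """Return 'affected-upgrade', 'affected-migrate', 'not-listed' or 'unknown'."""
    if deployment not in FIXED:
        raise ValueError(f"unknown deployment type: {deployment!r}")
    parsed = parse_version(version_text)
    if parsed is None:
        return "unknown"
    major, minor, patch = parsed
    if (major, minor) in MIGRATE_BRANCHES:
        return "affected-migrate"
    if patch is None:  # e.g. '7.6': cannot place it inside a patch range
        return "unknown"
    if any(lo <= (major, minor, patch) <= hi for lo, hi in AFFECTED_RANGES):
        return "affected-upgrade"
    return "not-listed"


if __name__ == "__main__":
    # Constructed inventory: (host, deployment, reported version).
    inventory = [("soar-a.example.internal", "on-premise", "7.6.2-1234"),
                 ("soar-b.example.internal", "paas", "7.4.1"),
                 ("soar-c.example.internal", "paas", "7.6.5")]
    for host, deployment, version in inventory:
        status = triage(version, deployment)
        fixes = FIXED[deployment] if status.startswith("affected") else []
        print(f"{host:26} {version:12} {status:17} {fixes}")
```

A result of `not-listed` only means the version is absent from this advisory's affected list; `unknown` entries need a manual version check.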

Added: Apr 14, 2026, 6:07 PM
Updated: Apr 14, 2026, 6:07 PM

Vulnerability Rating

Custom Algorithm
spread: 1.4
impact: 1.0
exploitability: 4.3
remediation: 7.7
relevance: 5.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.