vulnerability

Fortinet FortiOS: Security Features (CVE-2016-7541)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Mar 30, 2017	Feb 20, 2018	May 5, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Mar 30, 2017

Added

Feb 20, 2018

Modified

May 5, 2025

Description

Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected.

Solution

fortios-upgrade-latest

References

CVE-2016-7541
https://attackerkb.com/topics/CVE-2016-7541
DISA_SEVERITY-Category I
IAVM-2016-A-0334
URL-http://fortiguard.com/advisory/FG-IR-16-088
URL-http://www.securityfocus.com/bid/94477

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today