Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected.
2017-03-30T14:59:00.150
2025-04-20T01:37:25.860
Deferred
CVSSv3.0: 5.9 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | fortinet | fortios | 5.0.0 | Yes |
| Operating System | fortinet | fortios | 5.0.1 | Yes |
| Operating System | fortinet | fortios | 5.0.2 | Yes |
| Operating System | fortinet | fortios | 5.0.3 | Yes |
| Operating System | fortinet | fortios | 5.0.4 | Yes |
| Operating System | fortinet | fortios | 5.0.5 | Yes |
| Operating System | fortinet | fortios | 5.0.6 | Yes |
| Operating System | fortinet | fortios | 5.0.7 | Yes |
| Operating System | fortinet | fortios | 5.0.8 | Yes |
| Operating System | fortinet | fortios | 5.0.9 | Yes |
| Operating System | fortinet | fortios | 5.0.10 | Yes |
| Operating System | fortinet | fortios | 5.0.11 | Yes |
| Operating System | fortinet | fortios | 5.0.12 | Yes |
| Operating System | fortinet | fortios | 5.0.13 | Yes |
| Operating System | fortinet | fortios | 5.0.14 | Yes |
| Operating System | fortinet | fortios | 5.2.0 | Yes |
| Operating System | fortinet | fortios | 5.2.1 | Yes |
| Operating System | fortinet | fortios | 5.2.2 | Yes |
| Operating System | fortinet | fortios | 5.2.3 | Yes |
| Operating System | fortinet | fortios | 5.2.4 | Yes |
| Operating System | fortinet | fortios | 5.2.5 | Yes |
| Operating System | fortinet | fortios | 5.2.6 | Yes |
| Operating System | fortinet | fortios | 5.2.7 | Yes |
| Operating System | fortinet | fortios | 5.2.8 | Yes |
| Operating System | fortinet | fortios | 5.2.9 | Yes |
| Operating System | fortinet | fortios | 5.2.10 | Yes |