CVE-2020-29010: 
FortiOS vulnerability analysis and mitigation

An exposure of sensitive information vulnerability (CVE-2020-29010) was discovered in FortiOS that affects versions 6.0.10 and below, 6.2.4 and below, and 6.4.1 and below. The vulnerability was initially disclosed on January 4, 2021, and allows remote authenticated actors to read SSL VPN events log entries of users in other VDOMs by executing "get vpn ssl monitor" from the CLI (Fortiguard PSIRT).

The vulnerability stems from improper access control in the SSL VPN monitoring functionality. When exploited, it allows authenticated users to access sensitive data including usernames, user groups, and IP addresses of users in other Virtual Domains (VDOMs). The vulnerability has been assigned a CVSS v3.1 Base Score of 5.0 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N (Fortiguard PSIRT).

The successful exploitation of this vulnerability leads to unauthorized access to sensitive information. Attackers can view SSL VPN event log entries containing usernames, user groups, and IP addresses of users in other VDOMs, potentially compromising user privacy and revealing internal network information (Fortiguard PSIRT).

Fortinet has released patches to address this vulnerability. Users are advised to upgrade to FortiGate version 6.0.11 or above, version 6.2.5 or above, or version 6.4.2 or above, depending on their current version (Fortiguard PSIRT).