Closed rhumbert54 closed 10 months ago
Hi 👋
it is by Fortigate API design… (and found a CVE about this…) what release do you have ? The account have access to all interface ?
i will look for display only selected vdom…
Hi Alexis,
The request is done with a super_admin account. So he get access to everything 😉 I don't try with a limited account with a VDOM limit access.
We are on FortiOS 7.0.12
Cordialement, Renaud HUMBERT Support Technique Client TSR [cid:8d3d1046-a61b-43d5-9884-12f716d56792] @.**@.> [cid:fbbf8ed6-3222-4f70-ab6e-c6d1f93607e2] 0383988930 [cid:0e979c33-4895-4ca2-9119-40c308d7174d] Agence et Datacenters de Nancy [cid:a8e089fa-c8c8-403e-929e-45dd5a4ee703] [cid:9ec59f79-64fb-442e-a483-3527724082cf] [NSE 7] [cid:09bf4535-92ff-452c-91d2-c7c15fec5b09] [Fortinet FortiAnalyzer 6.4 Administrator][Fortinet FortiGate 7.0 Administrator][Fortinet FortiManager 6.4 Administrator][Fortinet SD-WAN 6.4 Architect]
[cid:97db6a45-1180-4eab-abc1-170f41521d59]
[cid:97128539-d823-4ac6-8213-c84a2944198b]https://www.adista.fr/ [cid:d1198fdd-8859-4ae2-a3d5-54304e19632d]https://twitter.com/adistafrance [cid:2f1aab13-82a9-4493-84d9-8f95664f9ab5]https://www.youtube.com/user/adistafrance [cid:fc994cf4-0502-4444-bfcc-82c2cfccd71d]https://fr.linkedin.com/company/adista [cid:81c6433a-d013-4f58-943c-6ecdccd89d92]https://www.facebook.com/adistafrance/
De : Alexis La Goutte @.> Envoyé : vendredi 11 août 2023 12:31 À : AsBuiltReport/AsBuiltReport.Fortinet.FortiGate @.> Cc : Renaud HUMBERT @.>; Author @.> Objet : Re: [AsBuiltReport/AsBuiltReport.Fortinet.FortiGate] [BUG] VDOM options - Interfaces (Issue #44)
[Externe inherent] Ne cliquez pas sur les liens, ou n'ouvrez pas les pièces jointes à moins de connaître l'expéditeur et de savoir que le contenu est sûr.
Hi 👋
it is by Fortigate API design… (and found a CVE about this…) what release do you have ? The account have access to all interface ?
i will look for display only selected vdom…
— Reply to this email directly, view it on GitHubhttps://github.com/AsBuiltReport/AsBuiltReport.Fortinet.FortiGate/issues/44#issuecomment-1674537840, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A2MNOMMMJHW2IEIZPOI55S3XUYCXXANCNFSM6AAAAAA3MVI6G4. You are receiving this because you authored the thread.Message ID: @.***>
Bug description
All interfaces are extract and then if we have a lot of VDOM, generation will be longer and we had to delete manually informations.
Command-line input
New-AsBuiltReport -Report Fortinet.FortiGate -Target FQDN -Username demo -Password 'demo' -Format Html -OutputFolderPath 'C:\monuser\AsBuiltReport' -Timestamp
Steps to reproduce
Edit .json and put a VDOM name which exist on the FortiGate Generate a report with an account which can access more than the VDOM to document.
Expected behaviour
I want to only get interface attached to the VDOM and not to the global VDOM.
Screenshots
Operating System
Windows Server
PowerShell Version
5.1.14409.1029
PowerShell Modules
Name Version
AsBuiltReport.Core 1.3.0 AsBuiltReport.Fortinet.FortiGate 0.2.0 AsBuiltReport.Fortinet.FortiGate 0.1.1 PowerFGT 0.7.0 PScribo 0.10.0
Additional Context
It's not a PowerShell issue but certainly a wrong execute command or in wrong context/emplacment.
Before submitting