FortiOS: Multiple Vulnerabilities in OpenSSL

Summary
Multiple Vulnerabilities in OpenSSL
Impact
CVE-2014-0224 may allow an attacker with a privileged network position (man-in-the-middle) to decrypt SSL encrypted communications. CVE-2014-0221 may allow an attacker to crash a DTLS client with an invalid handshake. CVE-2014-0195 can result in a buffer overrun attack by sending invalid DTLS fragments to an OpenSSL DTLS client or server. CVE-2014-0198 and CVE-2010-5298 may allow an attacker to cause a denial of service under certain conditions, when SSL_MODE_RELEASE_BUFFERS is enabled. CVE-2014-3470 may allow an attacker to trigger a denial of service in SSL clients when anonymous ECDH ciphersuites are enabled. This issue does not affect Fortinet products. CVE-2014-0076 can be used to discover ECDSA nonces on multi-user systems by exploiting timing attacks in CPU L3 caches. This does not apply to Fortinet products.
Solution
Upgrade to FortiAnalyzer 5.2.0/5.0.7 (build 321) or higher.
Affected
FortiAnalyzer < 5.2.0/5.0.7
Detection
Check the version
References