Upgrade latest FortiOS is really a good solution?
I'm a newbie/newcomer with Fortinet's products.
Now I heard that upgrading to the latest version for FortiGate is not a recommendation. (from product supplier, not Fortinet)
Then, I'd like to find/check more details so what that really does mean.
I found that some points with Resolved/Known issues between the present and the newer version in Release Note
And I want to discuss detail here is related to some resolved CVEs' issues.
Here my discussing matter
・Currently using FortiOS version: 5.6.5
・I want to upgrade to version: 5.6.8
Although, I found that some CVEs (security related issues) that resolved on the 5.6.8 version of the Release Note.
But hold it on, when I reversely check on the CVE-2018-13371
(risk rather high) that written in Release Note of 5.6.8,
With the supported links: https://fortiguard.com/psirt/FG-IR-18-230
On the part [Affected products], I saw this "FortiOS version 5.6.7 and below"
so that means my FortiOS version is included either. And that made insecurity feeling now.
Therefore, I have some thoughts inside- If I upgrade to the latest version 5.6.8, it will be resolved the issue (but it's not a recommendation from the product supplier). I'm not much experience with Fortinet's products then it's not easy to make a decision.- If I do not, I do not know whether it will be a matter or not with the network system (the system run with Fortinet's product is about half of year without any notice/alert related to that security issue)
So, if someone who got this matter such as me, please help me to figure out or give me some advice on this matter!
Thank you for your help!