The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle malicious users to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
fortinet fortigate-5020 - |
||
fortinet fortigate-5060 - |
||
fortinet fortigate-5140b - |
||
fortinet fortigate-3950b - |
||
fortinet fortigate-voice-80c - |
||
fortinet fortigate-50b - |
||
fortinet fortigate-5101c - |
||
fortinet fortigate-5001a-sw - |
||
fortinet fortigate-60c - |
||
fortinet fortigate-20c - |
||
fortinet fortigate-3810a - |
||
fortinet fortigate-3040b - |
||
fortinet fortigate-300c - |
||
fortinet fortigaterugged-100c - |
||
fortinet fortigate-80c - |
||
fortinet fortigate-40c - |
||
fortinet fortigate-3140b - |
||
fortinet fortigate-600c - |
||
fortinet fortigate-100d - |
||
fortinet fortigate-800c - |
||
fortinet fortigate-311b - |
||
fortinet fortigate-3240c - |
||
fortinet fortigate-620b - |
||
fortinet fortigate-1000c - |
||
fortinet fortigate-200b - |
||
fortinet fortigate-310b - |
||
fortinet fortigate-110c - |
||
fortinet fortigate-5001b - |
||
fortinet fortigate-1240b - |
Vulmon