Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.4
CVSSv2

CVE-2013-4669

Published: 25/06/2013 Updated: 04/11/2015
CVSS v2 Base Score: 5.4 | Impact Score: 6.9 | Exploitability Score: 4.9
VMScore: 481
Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N

Vulnerability Summary

FortiClient prior to 4.3.5.472 on Windows, prior to 4.0.3.134 on Mac OS X, and prior to 4.0 on Android; FortiClient Lite prior to 4.3.4.461 on Windows; FortiClient Lite 2.0 up to and including 2.0.0223 on Android; and FortiClient SSL VPN prior to 4.0.2258 on Linux proceed with an SSL session after determining that the server's X.509 certificate is invalid, which allows man-in-the-middle malicious users to obtain sensitive information by leveraging a password transmission that occurs before the user warning about the certificate problem.

Vulnerable Product Search on Vulmon Subscribe to Product

fortinet forticlient

fortinet forticlient_lite

fortinet forticlient_ssl_vpn

References

CWE-255CWE-310http://www.fortiguard.com/advisory/Potential-Man-In-The-Middle-Vulnerability-in-FortiClient-VPN/http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0001.htmlhttp://www.securityfocus.com/bid/59604http://objectif-securite.ch/forticlient_bulletin.phphttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30043cameraCVE-2023-40404CVE-2024-2793client sideCVE-2024-4469CVE-2024-3565CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook