FortiOS 5.0.x prior to 5.0.12 and 5.2.x prior to 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle malicious users to spoof TLS content by modifying packets.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
fortinet fortios 5.0.5 |
||
fortinet fortios 5.0.6 |
||
fortinet fortios 5.2.1 |
||
fortinet fortios 5.2.2 |
||
fortinet fortios 5.0.2 |
||
fortinet fortios 5.0.3 |
||
fortinet fortios 5.0.4 |
||
fortinet fortios 5.0.11 |
||
fortinet fortios 5.2.0 |
||
fortinet fortios 5.0.7 |
||
fortinet fortios 5.0.8 |
||
fortinet fortios 5.2.3 |
||
fortinet fortios 5.0.0 |
||
fortinet fortios 5.0.1 |
||
fortinet fortios 5.0.9 |
||
fortinet fortios 5.0.10 |
Vulmon