An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated malicious user to man-in-the-middle the communication between the listed products and some external peers.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortisandbox 4.0.0 |
||
fortinet fortianalyzer |
||
fortinet fortisandbox |
||
fortinet fortisandbox 4.0.1 |
||
fortinet fortisandbox 4.0.2 |
||
fortinet fortios |
||
fortinet fortisandbox 3.0.1 |
||
fortinet fortianalyzer 7.0.0 |
||
fortinet fortianalyzer 7.0.1 |
||
fortinet fortianalyzer 7.0.2 |
||
fortinet fortimanager 7.0.0 |
||
fortinet fortimanager 7.0.1 |
||
fortinet fortimanager |