CVE-2023-29175
4.8MEDIUMAn improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7
게시됨: 6/13/2023업데이트됨: 11/21/2024
설명
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.
AI 분석AI 기반
영향받는 제품
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortios
fortinetfortios
fortinetfortios
fortinetfortios
fortinetfortios
7.2.0
참조
- https://fortiguard.com/psirt/FG-IR-22-468Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-22-468Vendor Advisory