Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 through 6.2.10, 6.4.0 through 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the FortiGate and some peers such as private SDNs and external cloud platforms.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiOS 信任管理问题漏洞
Vulnerability Description
Fortinet FortiOS是美国飞塔(Fortinet)公司的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。 Fortinet FortiOS 存在信任管理问题漏洞,该漏洞源于不正确的证书验证。本地网络上的远程攻击者可以利用该漏洞对 FortiGate 与私有 SDN 和外部云平台等对等点之间的通信进行中间人攻击。以下产品和版本受到影响:FortiOS 6.0.0 版本到 6.0.14 版
CVSS Information
N/A
Vulnerability Type
N/A