Lucene search
HistoryAug 11, 2015 - 2:59 p.m.
CVE-2015-5965
ssl-vpn
fortinet fortios
cve-2015-5965
security vulnerability
remote attack
encrypted content
6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.5%
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortinet:fortios | fortinet fortios | le | 4.3.12 |
Related
prion
prion
Design/Logic Flaw
2015-08-11 14:59:00
cvelist
cvelist
CVE-2015-5965
2015-08-11 14:00:00
nessus
nessus
Fortinet FortiOS < 4.3.13 SSL-VPN TLS MAC Spoofing
2015-09-04 00:00:00
GLSA-201508-01 : Adobe Flash Player: Multiple vulnerabilities
2015-09-23 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201508-01
2015-09-29 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-08-15 00:00:00
6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.5%
Related for CVE-2015-5965