CVE-2015-1569

2015-02-1020:00:00

mitre

www.cve.org

forticlient

ios

ssl vpn

certificate validation

vulnerability

AI Score

Confidence

High

EPSS

0.001

Percentile

22.6%

JSON

Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof SSL VPN servers via a crafted certificate.

References

seclists.org/fulldisclosure/2015/Jan/124

www.security-assessment.com/files/documents/advisory/Fortinet_FortiClient_Multiple_Vulnerabilities.pdf