Input validation

2022-07-1818:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows attacker to retrieve information disclosed via man-in-the-middle attacks.

CPENameOperatorVersion
fortitoken_mobileeq5.0.3
fortitoken_mobileeq5.0.2
fortitoken_mobileeq4.5.0
fortitoken_mobileeq4.4.0
fortitoken_mobileeq4.3.0
fortitoken_mobileeq4.2.2
fortitoken_mobileeq4.2.1
fortitoken_mobileeq4.1.1
fortitoken_mobileeq4.0.1
fortitoken_mobileeq4.0.0

Name	Operator	Version
fortitoken_mobile	eq	5.0.3
fortitoken_mobile	eq	5.0.2
fortitoken_mobile	eq	4.5.0
fortitoken_mobile	eq	4.4.0
fortitoken_mobile	eq	4.3.0
fortitoken_mobile	eq	4.2.2
fortitoken_mobile	eq	4.2.1
fortitoken_mobile	eq	4.1.1
fortitoken_mobile	eq	4.0.1
fortitoken_mobile	eq	4.0.0

Rows per page:

1-10 of 301

References

fortiguard.com/advisory/FG-IR-21-024