Lucene search
K

4 matches found

NVD
NVD
added 2015/02/10 8:59 p.m.12 views

CVE-2015-1571

The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the FortinetFactory certificate and...

4.3CVSS6.3AI score0.00864EPSS
Exploits1References3
Prion
Prion
added 2015/02/10 8:59 p.m.16 views

Design/Logic Flaw

DISPUTED The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the FortinetFactory certificate...

4.3CVSS6.9AI score0.00864EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2015/02/10 8:0 p.m.33 views

CVE-2015-1571

The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the FortinetFactory certificate and...

6.3AI score0.00864EPSS
Exploits1References3
CVE
CVE
added 2015/02/10 8:0 p.m.83 views

CVE-2015-1571

Fortinet FortiOS 5.0 Patch 7 (build 4457) CAPWAP DTLS uses the same Fortinet_Factory certificate and private key across different customer installations. This configuration could enable an attacker to perform a man‑in‑the‑middle by spoofing SSL servers leveraging the Fortinet_Factory cert. Some s...

4.3CVSS6.5AI score0.00864EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder