Fortinet FortiManager TLS Certificate Validation Failure (FG-IR-16-055)

Fortinet FortiManager is prone to a TLS certificate validation failure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-8495

Fortinet FortiManager (versions 5.0.6–5.2.7 and 5.4.0–5.4.1) is affected by an improper TLS certificate validation vulnerability during device probing (Fortisandbox feature). This enables a remote attacker to perform MITM and spoof a trusted entity, with potential exposure of pre-shared secrets. ...