5 matches found
CVE-2022-39948
An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a...
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Fortinet Fortigate Lack of certificate verification when establishing secure connections with threat feed fabric connectors (FG-IR-22-257)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-257 advisory. - An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all...
CVE-2022-39948
An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a...
CVE-2022-39948
CVE-2022-39948 is an improper certificate validation (CWE-295) vulnerability in FortiOS (versions 7.2.0–7.2.3, 7.0.0–7.0.7, 6.4, 6.2, 6.0) and FortiProxy (7.0.0–7.0.6, 2.0, 1.2). A remote, unauthenticated attacker could perform a Man-in-the-Middle attack on the communication between FortiOS/Forti...