Fortinet Fortigate Proxy mode with deep inspection - Stack-based buffer overflow (FG-IR-23-183)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-183 advisory. - A stack-based overflow vulnerability CWE-124 in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and...

PT-2023-3490

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.0.0 through 7.0.10 FortiOS versions 7.2.0 through 7.2.3 FortiProxy versions 7.0.0 through 7.0.9 FortiProxy versions 7.2.0 through 7.2.2 Description A stack-based overflow vulnerability in Fortinet FortiOS and FortiProxy allo...

FortiOS SSL Deep Inspection TLS Padding Oracle Vulnerabilities

Multiple padding Oracle vulnerabilities Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length in the CBC padding implementation of FortiOS when configured with SSL Deep Inspection policies and with the IPS sensor enabled may allow an attacker to decipher TLS connections going through the FortiGate by...

CVE-2019-5592

Multiple padding oracle vulnerabilities Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled,...