CVE-2018-9194

{"id": "CVE-2018-9194", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2018-09-05T13:29:00.637", "references": [{"url": "https://fortiguard.com/advisory/FG-IR-17-302", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}, {"url": "https://robotattack.org/", "tags": ["Third Party Advisory"], "source": "psirt@fortinet.com"}, {"url": "https://www.kb.cert.org/vuls/id/144389", "tags": ["Third Party Advisory", "US Government Resource"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-203"}]}], "descriptions": [{"lang": "en", "value": "A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used."}, {"lang": "es", "value": "Podr\u00eda ser posible recuperar en texto plano mensajes cifrados o realizar un ataque Man-in-the-Middle (MitM) en el cifrado RSA PKCS #1 v1.5 sin conocer la clave privada del servidor. Fortinet FortiOS, de la versi\u00f3n 5.4.6 a la 5.4.9 y las versiones 6.0.0 y 6.0.1, son vulnerables por medio de dichos ataques bajo la funcionalidad VIP SSL cuando se emplea CPx."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9690D76F-27B1-439A-8BD3-4B6FAC24C029", "versionEndIncluding": "5.4.9", "versionStartIncluding": "5.4.6"}, {"criteria": "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3907C1C9-EAEB-4287-82DA-06F242DEA639"}, {"criteria": "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52A0DB21-C876-4DD3-95ED-8BA0483F0BD4"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}