CVE-2023-50179

An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7.1 all versions, 7.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and public SDN connectors.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*

History

09 Sep 2024, 15:54

Type Values Removed Values Added
References () https://fortiguard.fortinet.com/psirt/FG-IR-23-480 - () https://fortiguard.fortinet.com/psirt/FG-IR-23-480 - Vendor Advisory
Summary
  • (es) Una vulnerabilidad de validación de certificado incorrecta [CWE-295] en FortiADC 7.4.0, 7.2 todas las versiones, 7.1 todas las versiones, 7.0 todas las versiones puede permitir que un atacante remoto y no autenticado realice un ataque Man-in-the-Middle en el canal de comunicación entre el dispositivo y los conectores SDN públicos.
CPE cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 4.8
v2 : unknown
v3 : 5.9
First Time Fortinet
Fortinet fortiadc

09 Jul 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-09 16:15

Updated : 2024-09-09 15:54


NVD link : CVE-2023-50179

Mitre link : CVE-2023-50179

CVE.ORG link : CVE-2023-50179


JSON object : View

Products Affected

fortinet

  • fortiadc
CWE
CWE-295

Improper Certificate Validation