AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiGate and the FortiClient during the ZTNA tunnel creation
References
Link | Resource |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-22-282 |
Configurations
No configuration.
History
10 Sep 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-10 15:15
Updated : 2024-09-10 15:50
NVD link : CVE-2024-31489
Mitre link : CVE-2024-31489
CVE.ORG link : CVE-2024-31489
JSON object : View
Products Affected
No product.
CWE
CWE-295
Improper Certificate Validation