Vulnerabilities (CVE)

Filtered by vendor Fortinet Subscribe
Filtered by product Fortigate-1240b
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-4948 1 Fortinet 29 Fortigate-1000c, Fortigate-100d, Fortigate-110c and 26 more 2024-02-28 5.3 MEDIUM N/A
The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.
CVE-2013-1414 1 Fortinet 30 Fortigate-1000c, Fortigate-100d, Fortigate-110c and 27 more 2024-02-28 5.1 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.