CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0CVE-2014-0351
https://notcve.org/view.php?id=CVE-2014-0351
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream. El servicio de protocolo FortiManager en Fortinet FortiOS anterior a 4.3.16 y 5.x anterior a 5.0.8 en los dispositivos FortiGate devices no previene el uso de los suites de cifrado anónimos, lo que facilita a atacantes man-in-the-middle obtener información sensible o interferir con las comunicaciones mediante la modificación del flujo de datos del cliente-servidor. • http://www.fortiguard.com/advisory/FG-IR-14-006 http://www.kb.cert.org/vuls/id/730964 http://www.securityfocus.com/bid/69754 https://exchange.xforce.ibmcloud.com/vulnerabilities/96119 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 7%CPEs: 11EXPL: 0CVE-2014-2216
https://notcve.org/view.php?id=CVE-2014-2216
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request. El servicio de protocolo FortiManager en Fortinet FortiOS anterior a 4.3.16 y 5.0.0 anterior a 5.0.8 en los dispositivos FortiGate permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario a través de una solicitud manipulada. • http://secunia.com/advisories/60724 http://www.fortiguard.com/advisory/FG-IR-14-006 http://www.kb.cert.org/vuls/id/730964 http://www.securityfocus.com/bid/69338 http://www.securitytracker.com/id/1030753 https://exchange.xforce.ibmcloud.com/vulnerabilities/95442 •