Page 28 of 147 results (0.009 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the Fortinet_Factory certificate and private key. NOTE: FG-IR-15-002 says "The Fortinet_Factory certificate is unique to each device ... An attacker cannot therefore stage a MitM attack. ** DISPUTADA ** La implementación del protocolo CAPWAP DTLS en Fortinet FortiOS 5.0 Patch 7 build 4457 utiliza el mismo certificado y clave privada a través de las distintas instalaciones de los clientes, lo que hace que sea más fácil para atacantes man-in-the-middle suplantar servidores SSL aprovechando la clave privada y certificado Fortinet_Factory. NOTA: FG-IR-15-002 dice "El certificado Fortinet_Factory es único para cada dispositivo ... Un atacante no puede por tanto perpetrar un ataque MitM". • http://seclists.org/fulldisclosure/2015/Jan/125 http://www.fortiguard.com/advisory/FG-IR-15-002 http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf • CWE-310: Cryptographic Issues •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 2

Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request. Múltiples vulnerabilidades de XSS en Fortinet FortiOS 5.0 Parche 7 build 4457 permiten a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través del campo (1) WTP Name o (2) WTP Active Software Version en una solicitud CAPWAP Join. • http://seclists.org/fulldisclosure/2015/Jan/125 http://secunia.com/advisories/61661 http://www.fortiguard.com/advisory/FG-IR-15-002 http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf http://www.securityfocus.com/bid/72383 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages. El demonio Control and Provisioning of Wireless Access Points (CAPWAP) en Fortinet FortiOS 5.0 Parche 7 build 4457 permite a atacantes remotos causar una denegación de servicio (el controlador de acceso a CAPWAP bloqueado) a través de un número grande de mensajes DTLS de ClientHello. • http://seclists.org/fulldisclosure/2015/Jan/125 http://secunia.com/advisories/61661 http://www.fortiguard.com/advisory/FG-IR-15-002 http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf http://www.securityfocus.com/bid/72383 • CWE-17: DEPRECATED: Code •

CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream. El servicio de protocolo FortiManager en Fortinet FortiOS anterior a 4.3.16 y 5.x anterior a 5.0.8 en los dispositivos FortiGate devices no previene el uso de los suites de cifrado anónimos, lo que facilita a atacantes man-in-the-middle obtener información sensible o interferir con las comunicaciones mediante la modificación del flujo de datos del cliente-servidor. • http://www.fortiguard.com/advisory/FG-IR-14-006 http://www.kb.cert.org/vuls/id/730964 http://www.securityfocus.com/bid/69754 https://exchange.xforce.ibmcloud.com/vulnerabilities/96119 • CWE-310: Cryptographic Issues •

CVSS: 7.5EPSS: 7%CPEs: 11EXPL: 0

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request. El servicio de protocolo FortiManager en Fortinet FortiOS anterior a 4.3.16 y 5.0.0 anterior a 5.0.8 en los dispositivos FortiGate permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario a través de una solicitud manipulada. • http://secunia.com/advisories/60724 http://www.fortiguard.com/advisory/FG-IR-14-006 http://www.kb.cert.org/vuls/id/730964 http://www.securityfocus.com/bid/69338 http://www.securitytracker.com/id/1030753 https://exchange.xforce.ibmcloud.com/vulnerabilities/95442 •