CVE-2012-4948
Severity Score
5.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.
La configuración predeterminada de Fortinet FortiGate UTM utiliza el mismo certificado de la autoridad de certificación (CA) y la misma clave privada en instalaciones de diferentes clientes, lo que hace que sea más fácil para atacantes MITM (man-in-the-middle) a la hora de falsificar servidores SSL, aprovechando la presencia del certificado Fortinet_CA_SSLProxy en una lista de confianza de la autoridad de certificación raíz.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-09-17 CVE Reserved
- 2012-11-14 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/87048 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/111708 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/56382 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fortinet Search vendor "Fortinet" | Fortigate-1000c Search vendor "Fortinet" for product "Fortigate-1000c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-100d Search vendor "Fortinet" for product "Fortigate-100d" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-110c Search vendor "Fortinet" for product "Fortigate-110c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-1240b Search vendor "Fortinet" for product "Fortigate-1240b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-200b Search vendor "Fortinet" for product "Fortigate-200b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-20c Search vendor "Fortinet" for product "Fortigate-20c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-300c Search vendor "Fortinet" for product "Fortigate-300c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-3040b Search vendor "Fortinet" for product "Fortigate-3040b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-310b Search vendor "Fortinet" for product "Fortigate-310b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-311b Search vendor "Fortinet" for product "Fortigate-311b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-3140b Search vendor "Fortinet" for product "Fortigate-3140b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-3240c Search vendor "Fortinet" for product "Fortigate-3240c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-3810a Search vendor "Fortinet" for product "Fortigate-3810a" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-3950b Search vendor "Fortinet" for product "Fortigate-3950b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-40c Search vendor "Fortinet" for product "Fortigate-40c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-5001a-sw Search vendor "Fortinet" for product "Fortigate-5001a-sw" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-5001b Search vendor "Fortinet" for product "Fortigate-5001b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-5020 Search vendor "Fortinet" for product "Fortigate-5020" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-5060 Search vendor "Fortinet" for product "Fortigate-5060" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-50b Search vendor "Fortinet" for product "Fortigate-50b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-5101c Search vendor "Fortinet" for product "Fortigate-5101c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-5140b Search vendor "Fortinet" for product "Fortigate-5140b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-600c Search vendor "Fortinet" for product "Fortigate-600c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-60c Search vendor "Fortinet" for product "Fortigate-60c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-620b Search vendor "Fortinet" for product "Fortigate-620b" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-800c Search vendor "Fortinet" for product "Fortigate-800c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-80c Search vendor "Fortinet" for product "Fortigate-80c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigate-voice-80c Search vendor "Fortinet" for product "Fortigate-voice-80c" | - | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortigaterugged-100c Search vendor "Fortinet" for product "Fortigaterugged-100c" | - | - |
Affected
| ||||||