The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.0009.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Fortinet Subscribe
Fortigate-1000c Subscribe
Fortigate-100d Subscribe
Fortigate-110c Subscribe
Fortigate-1240b Subscribe
Fortigate-200b Subscribe
Fortigate-20c Subscribe
Fortigate-300c Subscribe
Fortigate-3040b Subscribe
Fortigate-310b Subscribe
Fortigate-311b Subscribe
Fortigate-3140b Subscribe
Fortigate-3240c Subscribe
Fortigate-3810a Subscribe
Fortigate-3950b Subscribe
Fortigate-40c Subscribe
Fortigate-5001a-sw Subscribe
Fortigate-5001b Subscribe
Fortigate-5020 Subscribe
Fortigate-5060 Subscribe
Fortigate-50b Subscribe
Fortigate-5101c Subscribe
Fortigate-5140b Subscribe
Fortigate-600c Subscribe
Fortigate-60c Subscribe
Fortigate-620b Subscribe
Fortigate-800c Subscribe
Fortigate-80c Subscribe
Fortigate-voice-80c Subscribe
Fortigaterugged-100c Subscribe

Configuration 1 [-]

OR cpe:2.3:h:fortinet:fortigate-1000c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-100d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-110c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-1240b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-200b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-20c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-300c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-3040b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-310b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-311b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-3140b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-3240c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-3810a:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-3950b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-40c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-5001a-sw:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-5001b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-5020:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-5060:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-50b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-5101c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-5140b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-600c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-60c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-620b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-800c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-80c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-voice-80c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigaterugged-100c:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2012-4873 The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://osvdb.org/87048 cve-icon cve-icon
http://www.kb.cert.org/vuls/id/111708 cve-icon cve-icon
http://www.securityfocus.com/bid/56382 cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2024-08-06T20:50:18.189Z

Reserved: 2012-09-17T00:00:00

Link: CVE-2012-4948

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2012-11-14T12:30:59.507

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-4948

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses