A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2018-09-05T13:00:00Z
Updated: 2024-09-17T02:21:42.320Z
Reserved: 2018-04-02T00:00:00
Link: CVE-2018-9194
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-09-05T13:29:00.637
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-9194
Redhat
No data.