An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7.1 all versions, 7.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and public SDN connectors.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-23-480 |
History
Mon, 09 Sep 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fortinet
Fortinet fortiadc |
|
CPEs | cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:* | |
Vendors & Products |
Fortinet
Fortinet fortiadc |
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-07-09T15:33:27.266Z
Updated: 2024-08-02T22:09:49.647Z
Reserved: 2023-12-05T13:18:34.865Z
Link: CVE-2023-50179
Vulnrichment
Updated: 2024-08-02T22:09:49.647Z
NVD
Status : Modified
Published: 2024-07-09T16:15:03.640
Modified: 2024-11-21T08:36:36.693
Link: CVE-2023-50179
Redhat
No data.