CVE-2016-8495
N/A
N/A
Summary
An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack via the Fortisandbox devices probing feature.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Fortinet | FortiManager | 5.0.6 to 5.2.7 | affected |
| Fortinet | FortiManager | 5.4.0 to 5.4.1 | affected |
Weaknesses
- Credentials exposure
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id/1037805
- https://fortiguard.com/advisory/FG-IR-16-055
- http://www.securityfocus.com/bid/96157
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- http://www.securitytracker.com/id/1037805
- https://fortiguard.com/advisory/FG-IR-16-055
- http://www.securityfocus.com/bid/96157
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.