CVE-2014-0351 in FortiOSinfo

Summary

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

12/05/2013

Disclosure

09/10/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
67675Fortinet FortiOS FortiManager Service cryptographic issue310UnprovenOfficial fixCVE-2014-0351

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!