Vulnerabilities

CVE-2018-9194

by Fred · 05/09/2018

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server’s private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used.

Date published : 2018-09-05

https://www.kb.cert.org/vuls/id/144389

https://fortiguard.com/advisory/FG-IR-17-302

Similar

Tags: Cybersecurity Alert