Vulnerability Details : CVE-2015-5965
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.
Vulnerability category: Input validation
Products affected by CVE-2015-5965
- cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-5965
0.55%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 74 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-5965
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2015-5965
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5965
-
https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends
Vivaldi Community
-
http://www.securityfocus.com/bid/76065
Fortinet FortiOS SSL-VPN Man in The Middle Security Bypass Vulnerability
-
https://security.gentoo.org/glsa/201508-01
Adobe Flash Player: Multiple vulnerabilities (GLSA 201508-01) — Gentoo security
-
http://www.securitytracker.com/id/1033256
Fortinet FortiGate/FortiOS MAC Authentication Flaw Lets Remote Users Modify Data on the Target System - SecurityTracker
-
http://www.fortiguard.com/advisory/FG-IR-15-016/
FortiGuardVendor Advisory
Jump to