Vulnerability Details : CVE-2018-9194
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used.
Exploit prediction scoring system (EPSS) score for CVE-2018-9194
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 30 %
Percentile, the proportion of vulnerabilities that are scored at or less