QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2012-4948

Back to search

CVE-2012-4948

Published: Nov 14, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.

VendorProductVersions

n/a

n/a

affected
n/a

References

VU#111708
third-party-advisory
x_refsource_CERT-VN
56382
vdb-entry
x_refsource_BID
87048
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now