Home
MEDIUM: 6.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:P/RL:W/RC:CDefault status
unaffected
7.6.0 (semver)
affected
7.4.0 (semver)
affected
7.2.0 (semver)
affected
7.0.0 (semver)
affected
6.4.0 (semver)
affected
Default status
unaffected
7.6.0 (semver)
affected
7.4.0 (semver)
affected
7.2.0 (semver)
affected
7.0.0 (semver)
affected
6.4.0 (semver)
affected
Default status
unaffected
7.6.2 (semver)
affected
7.4.1 (semver)
affected
7.2.1 (semver)
affected
7.0.1 (semver)
affected
6.4.1 (semver)
affected
Default status
unaffected
7.6.2
affected
7.4.1 (semver)
affected
7.2.1 (semver)
affected
7.0.1 (semver)
affected
6.4.1 (semver)
affected
Description
A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to view confidential information via a man in the middle [MiTM] attack.
Problem types
Product status
7.6.0 (semver)
7.4.0 (semver)
7.2.0 (semver)
7.0.0 (semver)
6.4.0 (semver)
7.6.0 (semver)
7.4.0 (semver)
7.2.0 (semver)
7.0.0 (semver)
6.4.0 (semver)
7.6.2 (semver)
7.4.1 (semver)
7.2.1 (semver)
7.0.1 (semver)
6.4.1 (semver)
7.6.2
7.4.1 (semver)
7.2.1 (semver)
7.0.1 (semver)
6.4.1 (semver)
References
fortiguard.fortinet.com/psirt/FG-IR-26-078