CVE-2015-1569 — Fortinet Forticlient vulnerability

CWE-3106 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.1%

top 66.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fortinet Forticlient

Timeline

PublishedFeb 10

Latest updateMay 17

Description

Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof SSL VPN servers via a crafted certificate.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDfortinet/forticlient5.2.028

🔴Vulnerability Details

GHSA

GHSA-4chp-8xpr-5v25: Fortinet FortiClient 5↗2022-05-17

▶

CVEList

CVE-2015-1569: Fortinet FortiClient 5↗2015-02-10

▶

💬Community

Bugzilla

CVE-2015-0241 postgresql: buffer overflow in the to_char() function↗2015-02-03

▶

Bugzilla

CVE-2015-0243 postgresql: buffer overflow flaws in contrib/pgcrypto↗2015-02-03

▶