CVE-2020-7043 — Improper Certificate Validation in Project Openfortivpn

CWE-295 — Improper Certificate Validation6 documents6 sources

Severity

9.1CRITICALNVD

EPSS

0.5%

top 35.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

4

Openfortivpn Project Openfortivpn Fedoraproject Fedora Opensuse Backports SLE +1 more

Timeline

PublishedFeb 27

Latest updateMay 24

Description

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages4 packages

▶NVDopenfortivpn_project/openfortivpn< 1.12.0

▶Debianopenfortivpn_project/openfortivpn< 1.12.0-1+3

▶NVDopensuse/leap15.1

▶NVDopensuse/backports_sle15.0

Also affects: Fedora 30, 31, 32

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

3

GHSA

GHSA-4pqj-5gg5-44jh: An issue was discovered in openfortivpn 1↗2022-05-24

▶

CVEList

CVE-2020-7043: An issue was discovered in openfortivpn 1↗2020-02-27

▶

OSV

CVE-2020-7043: An issue was discovered in openfortivpn 1↗2020-02-27

▶

📋Vendor Advisories

1

Debian

CVE-2020-7043: openfortivpn - An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0...↗2020

▶

💬Community

1

Bugzilla

CVE-2020-7043 openfortivpn: mishandling of certificate validation↗2020-05-05

▶

CVE-2020-7043 — Improper Certificate Validation | cvebase