6.4

CVE-2015-2323

FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle attackers to spoof TLS content by modifying packets.

Data is provided by the National Vulnerability Database (NVD)
FortinetFortios Version5.0.0
FortinetFortios Version5.0.1
FortinetFortios Version5.0.2
FortinetFortios Version5.0.3
FortinetFortios Version5.0.4
FortinetFortios Version5.0.5
FortinetFortios Version5.0.6
FortinetFortios Version5.0.7
FortinetFortios Version5.0.8
FortinetFortios Version5.0.9
FortinetFortios Version5.0.10
FortinetFortios Version5.0.11
FortinetFortios Version5.2.0
FortinetFortios Version5.2.1
FortinetFortios Version5.2.2
FortinetFortios Version5.2.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.29% 0.518
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:P/I:P/A:N