Man-in-the-Middle Vulnerability in Fortinet Fortigate UTM Appliances
CVE-2012-4948

Currently unrated

Key Information:

Vendor: Fortinet
CVE Published: 14 November 2012

Summary

In their default configuration, Fortinet Fortigate UTM appliances use the same Certification Authority certificate and the same private key across different installations. Because the key is not unique to each appliance, a man-in-the-middle attacker can more easily spoof SSL servers wherever the Fortinet_CA_SSLProxy certificate is present in the list of trusted root certification authorities. Organizations relying on these appliances must ensure proper configuration and consider using unique certificates to mitigate this risk.
