CVE-2016-8492

5.9MEDIUM

Key Information:

Vendor: Fortinet
Status: Fortinet Fortigate
Vendor: CVE Published:; 8 February 2017

Summary

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.

Affected Version(s)

Fortinet FortiGate Before 5.0

References

http://www.securityfocus.com/bid/94480

vdb-entryx_refsource_BID

https://fortiguard.com/advisory/FG-IR-16-067

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 8, 2017
Vulnerability Reserved
Oct 7, 2016