Improper Certificate Validation in FortiNAC-F by Fortinet
CVE-2023-48785
4.4MEDIUM
What is CVE-2023-48785?
An improper certificate validation issue in FortiNAC-F versions up to 7.2.4 could enable a remote, unauthenticated attacker to exploit this weakness. By manipulating HTTPS communications between FortiOS devices and FortiNAC-F, the attacker could conduct a Man-in-the-Middle attack, potentially compromising the confidentiality and integrity of the data transmitted across the network. Organizations are urged to assess their systems and apply necessary updates to mitigate this risk.
Affected Version(s)
FortiNAC-F 7.2.0 <= 7.2.4