Vulnerabilities > CVE-2023-50178 - Unspecified vulnerability in Fortinet Fortiadc

CVSS 7.4 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

high complexity

fortinet

NVD

Published: 2024-07-09

Updated: 2024-11-21

Summary

An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and various remote servers such as private SDN connectors and FortiToken Cloud.

Vulnerable Configurations

Part	Description	Count
Application	Fortinet Fortinet Fortiadc 6.0.0 Fortinet Fortiadc 6.0.1 Fortinet Fortiadc 6.0.2 Fortinet Fortiadc 6.0.3 Fortinet Fortiadc 6.0.4 Fortinet Fortiadc 6.1.0 Fortinet Fortiadc 6.1.1 Fortinet Fortiadc 6.1.2 Fortinet Fortiadc 6.1.3 Fortinet Fortiadc 6.1.4 Fortinet Fortiadc 6.1.5 Fortinet Fortiadc 6.1.6 Fortinet Fortiadc 7.0.0 Fortinet Fortiadc 7.0.1 Fortinet Fortiadc 7.0.2 Fortinet Fortiadc 6.2.0 Fortinet Fortiadc 6.2.1 Fortinet Fortiadc 6.2.2 Fortinet Fortiadc 6.2.3 Fortinet Fortiadc 6.2.4 Fortinet Fortiadc 6.2.5 Fortinet Fortiadc 6.2.6 Fortinet Fortiadc 7.4.0 Fortinet Fortiadc 7.1.0 Fortinet Fortiadc 7.1.1 Fortinet Fortiadc 7.1.2 Fortinet Fortiadc 7.1.3 Fortinet Fortiadc 7.1.4 Fortinet Fortiadc 7.2.0 Fortinet Fortiadc 7.2.1 Fortinet Fortiadc 7.2.2 Fortinet Fortiadc 7.2.3	36

Summary

Vulnerable Configurations

References