CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4948

The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.2%

CVSS Severity

CVSS v2 Score 5.3

References

Products affected by CVE-2012-4948

Fortinet » Fortigate-1000c » Version: N/A

cpe:2.3:h:fortinet:fortigate-1000c:-
Fortinet » Fortigate-100d » Version: N/A

cpe:2.3:h:fortinet:fortigate-100d:-
Fortinet » Fortigate-110c » Version: N/A

cpe:2.3:h:fortinet:fortigate-110c:-
Fortinet » Fortigate-1240b » Version: N/A

cpe:2.3:h:fortinet:fortigate-1240b:-
Fortinet » Fortigate-200b » Version: N/A

cpe:2.3:h:fortinet:fortigate-200b:-
Fortinet » Fortigate-20c » Version: N/A

cpe:2.3:h:fortinet:fortigate-20c:-
Fortinet » Fortigate-300c » Version: N/A

cpe:2.3:h:fortinet:fortigate-300c:-
Fortinet » Fortigate-3040b » Version: N/A

cpe:2.3:h:fortinet:fortigate-3040b:-
Fortinet » Fortigate-310b » Version: N/A

cpe:2.3:h:fortinet:fortigate-310b:-
Fortinet » Fortigate-311b » Version: N/A

cpe:2.3:h:fortinet:fortigate-311b:-
Fortinet » Fortigate-3140b » Version: N/A

cpe:2.3:h:fortinet:fortigate-3140b:-
Fortinet » Fortigate-3240c » Version: N/A

cpe:2.3:h:fortinet:fortigate-3240c:-
Fortinet » Fortigate-3810a » Version: N/A

cpe:2.3:h:fortinet:fortigate-3810a:-
Fortinet » Fortigate-3950b » Version: N/A

cpe:2.3:h:fortinet:fortigate-3950b:-
Fortinet » Fortigate-40c » Version: N/A

cpe:2.3:h:fortinet:fortigate-40c:-
Fortinet » Fortigate-5001a-Sw » Version: N/A

cpe:2.3:h:fortinet:fortigate-5001a-sw:-
Fortinet » Fortigate-5001b » Version: N/A

cpe:2.3:h:fortinet:fortigate-5001b:-
Fortinet » Fortigate-5020 » Version: N/A

cpe:2.3:h:fortinet:fortigate-5020:-
Fortinet » Fortigate-5060 » Version: N/A

cpe:2.3:h:fortinet:fortigate-5060:-
Fortinet » Fortigate-50b » Version: N/A

cpe:2.3:h:fortinet:fortigate-50b:-
Fortinet » Fortigate-5101c » Version: N/A

cpe:2.3:h:fortinet:fortigate-5101c:-
Fortinet » Fortigate-5140b » Version: N/A

cpe:2.3:h:fortinet:fortigate-5140b:-
Fortinet » Fortigate-600c » Version: N/A

cpe:2.3:h:fortinet:fortigate-600c:-
Fortinet » Fortigate-60c » Version: N/A

cpe:2.3:h:fortinet:fortigate-60c:-
Fortinet » Fortigate-620b » Version: N/A

cpe:2.3:h:fortinet:fortigate-620b:-
Fortinet » Fortigate-800c » Version: N/A

cpe:2.3:h:fortinet:fortigate-800c:-
Fortinet » Fortigate-80c » Version: N/A

cpe:2.3:h:fortinet:fortigate-80c:-
Fortinet » Fortigate-Voice-80c » Version: N/A

cpe:2.3:h:fortinet:fortigate-voice-80c:-
Fortinet » Fortigaterugged-100c » Version: N/A

cpe:2.3:h:fortinet:fortigaterugged-100c:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4948

Products

Pricing

Contact Us