Unrated severityNVD Advisory· Published Nov 14, 2012· Updated Jun 16, 2026
CVE-2012-4948
CVE-2012-4948
Description
The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
30cpe:2.3:h:fortinet:fortigate-1000c:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:fortinet:fortigate-1000c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-110c:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-100d:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:fortinet:fortigate-100d:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-40c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-1240b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-200b:-:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:h:fortinet:fortigate-200b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-300c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-3040b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-310b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-311b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-3240c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-3810a:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-3950b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-5001a-sw:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-5020:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-5060:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-50b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-5101c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-5140b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-620b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-80c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-voice-80c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-20c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-3140b:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-5001b:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortigate-600c:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:fortinet:fortigate-600c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-800c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigate-60c:-:*:*:*:*:*:*:*
- cpe:2.3:h:fortinet:fortigaterugged-100c:-:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- www.kb.cert.org/vuls/id/111708nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/56382nvdThird Party AdvisoryVDB Entry
- osvdb.org/87048nvd
News mentions
0No linked articles in our index yet.