Unrated severityNVD Advisory· Published Aug 11, 2015· Updated Jun 17, 2026
CVE-2015-2323
CVE-2015-2323
Description
FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle attackers to spoof TLS content by modifying packets.
Affected products
17cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*
- (no CPE)range: <5.0.12 || <5.2.4
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.