VYPR
Unrated severityNVD Advisory· Published Aug 11, 2015· Updated Jun 17, 2026

CVE-2015-2323

CVE-2015-2323

Description

FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle attackers to spoof TLS content by modifying packets.

Affected products

17
  • Fortinet/Fortios17 versions
    cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*
    • (no CPE)range: <5.0.12 || <5.2.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.