High severity7.4NVD Advisory· Published Feb 13, 2017· Updated May 13, 2026
CVE-2016-8495
CVE-2016-8495
Description
An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack via the Fortisandbox devices probing feature.
Affected products
19cpe:2.3:o:fortinet:fortimanager_firmware:5.0.10:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.10:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.11:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.7:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.0.9:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.2.6:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortimanager_firmware:5.4.1:*:*:*:*:*:*:*
- Range: 5.0.6 to 5.2.7
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.securityfocus.com/bid/96157nvdThird Party AdvisoryVDB Entry
- fortiguard.com/advisory/FG-IR-16-055nvdVendor Advisory
- www.securitytracker.com/id/1037805nvd
News mentions
0No linked articles in our index yet.