Unrated severityNVD Advisory· Published Aug 23, 2019· Updated Oct 25, 2024
CVE-2019-5592
CVE-2019-5592
Description
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position.
Affected products
2- Fortinet/FortiOS IPS enginedescription
- Range: 5.000-5.006, 4.000-4.036, 4.200-4.219, <=3.547
Patches
Vulnerability mechanics
References
1- fortiguard.com/advisory/FG-IR-19-145mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.