Multiple lack of client-side certificate validation when establishing secure connections

Fortiguard Security Advisory

An improper certificate validation vulnerability [CWE-295] in FortiADC may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and various remote servers such as private SDN connectors and FortiToken Cloud.


Leave a Reply

Your email address will not be published. Required fields are marked *