Description
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/76065
Vendor Advisory x_refsource_confirm
http://www.fortiguard.com/advisory/FG-IR-15-016/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033256
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201508-01
Various Sources x_refsource_misc
https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends
Scores
EPSS
0.0035
EPSS Percentile
57.5%
Details
CWE
CWE-20
Status
published
Products (1)
fortinet/fortios
< 4.3.12
Published
Aug 11, 2015
Tracked Since
Feb 18, 2026