CVE-2012-4948

The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.
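
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 5.3 UNKNOWN | ADJACENT_NETWORK | HIGH | | AV:A/AC:H/Au:N/C:C/I:P/A:N |
| certcc | CNA | --- | | | | --- |
| CVE | ADP | --- | | | | --- |
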
EPSS Score percentile: 25%

| Vendor | Product | Version |
|---|---|---|
| fortinet | fortigate-1000c | - |
| fortinet | fortigate-100d | - |
| fortinet | fortigate-110c | - |
| fortinet | fortigate-1240b | - |
| fortinet | fortigate-200b | - |
| fortinet | fortigate-20c | - |
| fortinet | fortigate-300c | - |
| fortinet | fortigate-3040b | - |
| fortinet | fortigate-310b | - |
| fortinet | fortigate-311b | - |
| fortinet | fortigate-3140b | - |
| fortinet | fortigate-3240c | - |
| fortinet | fortigate-3810a | - |
| fortinet | fortigate-3950b | - |
| fortinet | fortigate-40c | - |
| fortinet | fortigate-5001a-sw | - |
| fortinet | fortigate-5001b | - |
| fortinet | fortigate-5020 | - |
| fortinet | fortigate-5060 | - |
| fortinet | fortigate-50b | - |
| fortinet | fortigate-5101c | - |
| fortinet | fortigate-5140b | - |
| fortinet | fortigate-600c | - |
| fortinet | fortigate-60c | - |
| fortinet | fortigate-620b | - |
| fortinet | fortigate-800c | - |
| fortinet | fortigate-80c | - |
| fortinet | fortigate-voice-80c | - |
| fortinet | fortigaterugged-100c | - |