← back
CVE-2015-5965

CVE-2015-5965

EPSS 2.1%
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.gentoo.org/glsa/201508-01https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friendshttp://www.fortiguard.com/advisory/FG-IR-15-016/http://www.securityfocus.com/bid/76065http://www.securitytracker.com/id/1033256