Weak MAC Verification in Fortinet FortiOS SSL-VPN

Weak MAC Verification in Fortinet FortiOS SSL-VPN

CVE-2015-5965 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.

Learn more about our Cis Benchmark Audit For Apple Ios.