Weak MAC Verification in Fortinet FortiOS SSL-VPN
CVE-2015-5965 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.
Learn more about our Cis Benchmark Audit For Apple Ios.