Vulnerability: Plaintext Recovery and Man-in-the-Middle Attack on RSA PKCS #1 v1.5 Encryption in Fortinet FortiOS

Vulnerability: Plaintext Recovery and Man-in-the-Middle Attack on RSA PKCS #1 v1.5 Encryption in Fortinet FortiOS

CVE-2018-9192 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspection feature when CPx being used.

Learn more about our Cis Benchmark Audit For Apple Ios.