CVE-2023-29175
CVSS V2 None
CVSS V3 None
Description
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.
Overview
- CVE ID
- CVE-2023-29175
- Assigner
- fortinet
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-06-13T08:41:48.433Z
- Last Modified Date
- 2023-06-13T08:41:48.433Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-468 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-29175 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29175 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 04:30:52 | Added to TrackCVE |