CVE-2015-5965

Published: Aug 11, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.

Affected (1)

Products: Fortinet: Fortios

Fortinet

1 product

Fortios

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Fortinet Fortios	Up to 4.3.12

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://www.fortiguard.com/advisory/FG-IR-15-016/

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/76065

Source: cve@mitre.org

http://www.securitytracker.com/id/1033256

Source: cve@mitre.org

https://security.gentoo.org/glsa/201508-01

Source: cve@mitre.org

https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends

Source: cve@mitre.org

http://www.fortiguard.com/advisory/FG-IR-15-016/