CVE-2013-4669

FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and FortiClient SSL VPN before 4.0.2258 on Linux proceed with an SSL session after determining that the server's X.509 certificate is invalid, which allows man-in-the-middle attackers to obtain sensitive information by leveraging a password transmission that occurs before the user warning about the certificate problem.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:fortinet:forticlient_lite:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:fortinet:forticlient_ssl_vpn:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:a:fortinet:forticlient_lite:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Information

Published : 2013-06-25 07:38

Updated : 2015-11-04 09:34


NVD link : CVE-2013-4669

Mitre link : CVE-2013-4669


JSON object : View

CWE
CWE-255

Credentials Management Errors

CWE-310

Cryptographic Issues

Advertisement

dedicated server usa

Products Affected

google

  • android

microsoft

  • windows

fortinet

  • forticlient_ssl_vpn
  • forticlient_lite
  • forticlient

linux

  • linux_kernel

apple

  • mac_os_x