| Max CVSS | 6.4 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-7042 | 5.0 |
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (o
|
21-07-2021 - 11:39 | 27-02-2020 - 18:15 | |
| CVE-2020-7041 | 5.0 |
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
|
09-10-2020 - 15:08 | 27-02-2020 - 18:15 | |
| CVE-2020-7043 | 6.4 |
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com att
|
09-10-2020 - 14:58 | 27-02-2020 - 18:15 | |
| CVE-2020-7042 | 5.0 |
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (o
|
24-09-2020 - 23:15 | 27-02-2020 - 18:15 | |
| CVE-2020-7041 | 5.0 |
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
|
24-09-2020 - 23:15 | 27-02-2020 - 18:15 | |
| CVE-2020-7043 | 6.4 |
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com att
|
24-09-2020 - 23:15 | 27-02-2020 - 18:15 |