Freely subscribe to our NEWSLETTER

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can use several vulnerabilities of CAPWAP of Fortinet
FortiOS.

Impacted products: FortiGate, FortiGate Virtual Appliance

Severity: 2/4

Creation date: 29/01/2015

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in Fortinet FortiOS CAPWAP
(Control And Provisioning of Wireless Access Points).

An attacker can send numerous DTLS ClientHello packets, in order
to trigger a denial of service. [severity:2/4; CVE-2015-1452]

Key used for DTLS are constant, so an attacker can act as a
Man-In-The-Middle. However, Fortinet disputes this vulnerability.
[severity:1/4; CVE-2015-1571]

An attacker can trigger a Cross Site Scripting with a CAPWAP Join
packet, in order to execute JavaScript code in the context of the
web site. [severity:2/4; CVE-2015-1451]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Fortinet-FortiOS-multiple-vulnerabilities-of-CAPWAP-16081