A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated attacker with the knowledge of device specific data to spoof the identity of a downstream device of the security fabric via crafted TCP requests.
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Fortiproxy | Fortinet | 7.0.0 (including) | 7.0.17 (excluding) |
| Fortiproxy | Fortinet | 7.2.0 (including) | 7.2.10 (excluding) |
| Fortiproxy | Fortinet | 7.4.0 (including) | 7.4.4 (excluding) |