Search Results (Refine Search)
- CPE Product Version: cpe:/a:fortinet:forticlient:5.2.3.091::~~~android~~
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-1570 |
The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof servers via a crafted certificate. Published: February 10, 2015; 3:59:05 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-1453 |
The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for attackers to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences. Published: February 02, 2015; 11:59:06 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |