PT-2020-19353 · Openssl+2

Agustingianni · Published 2020-02-27 · Updated 2024-06-15 · CVE-2020-7043

CVSS v3.1: 9.1 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: openfortivpn version 1.11.0

Description: An issue was discovered in openfortivpn when used with OpenSSL before 1.0.2, where the tunnel.c file mishandles certificate validation. This occurs because hostname comparisons do not consider '\0' (NUL) characters, making it vulnerable to attacks such as a good.example.com\x00evil.example.com attack.

Recommendations: For openfortivpn version 1.11.0, consider updating OpenSSL to version 1.0.2 or later to mitigate the risk of exploitation. As a temporary workaround, restrict the use of certificate validation in tunnel.c until a patch is available.
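The defect class described above is a hostname comparison that treats a certificate name as a NUL-terminated C string, so the bytes after an embedded '\0' are never compared. The following is an added illustration written for this record, not openfortivpn's code: a naive comparison of the kind the description refers to next to a length-aware one that uses the name's real byte length and rejects embedded NULs outright. The function names, the constructed sample names and the lengths passed in are assumptions for the example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Naive pattern (hypothetical, for illustration): the certificate name is
 * treated as a C string, so comparison stops at the first '\0' and the
 * declared length is ignored. "good.example.com\0evil.example.com" therefore
 * looks identical to "good.example.com". */
bool naive_hostname_match(const unsigned char *cn, size_t cn_len,
                          const char *expected)
{
    (void)cn_len;                        /* length discarded: the bug */
    return strcmp((const char *)cn, expected) == 0;
}

/* Hardened pattern: use the length carried by the certificate field, refuse
 * any name containing an embedded NUL (never valid in a DNS name), and only
 * then compare every byte, case-insensitively for ASCII letters. */
bool safe_hostname_match(const unsigned char *cn, size_t cn_len,
                         const char *expected)
{
    size_t exp_len = strlen(expected);

    if (memchr(cn, '\0', cn_len) != NULL)
        return false;                    /* embedded NUL: reject */
    if (cn_len != exp_len)
        return false;                    /* lengths must agree exactly */
    for (size_t i = 0; i < cn_len; i++) {
        if (tolower(cn[i]) != tolower((unsigned char)expected[i]))
            return false;
    }
    return true;
}

/* Constructed sample names (not taken from any real certificate). The
 * crafted name is 33 bytes: 16 + NUL + 16. */
static const unsigned char crafted_cn[] = "good.example.com\0evil.example.com";
static const size_t crafted_cn_len = sizeof(crafted_cn) - 1;   /* 33 */
static const unsigned char honest_cn[] = "good.example.com";
static const size_t honest_cn_len = sizeof(honest_cn) - 1;     /* 16 */

int main(void)
{
    const char *expected = "good.example.com";

    printf("naive, crafted name : %s\n",
           naive_hostname_match(crafted_cn, crafted_cn_len, expected) ? "MATCH" : "no match");
    printf("safe,  crafted name : %s\n",
           safe_hostname_match(crafted_cn, crafted_cn_len, expected) ? "MATCH" : "no match");
    printf("safe,  honest name  : %s\n",
           safe_hostname_match(honest_cn, honest_cn_len, expected) ? "MATCH" : "no match");
    return 0;
}
```

In production code the check should not be hand-written at all: OpenSSL 1.0.2 and later provide X509_check_host(), which performs length-aware matching against the certificate's subjectAltName and CN fields, which is why the recommendation above is to move to OpenSSL 1.0.2 or newer.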

Weakness Enumeration

Improper Certificate Validation

Related Identifiers

CVE-2020-7043
OPENSUSE-SU-2020:0301-1
OPENSUSE-SU-2020:0305-1
OPENSUSE-SU-2020_0301-1
OPENSUSE-SU-2024:11118-1

Affected Products

Openssl
Suse
Openfortivpn