Follow

Oh boy... Insecurity through security products: Apparently, when you turned on SSL deep inspection (enterprise MITM) on a Fortigate IPS, the reencryption was using a broken configuration that allowed for various known 3rd party SSL MITM attacks further down the transport path.

cve.mitre.org/cgi-bin/cvename.

@galaxis

A product supposed to provide security provides insecurity instead. Isn't that beautiful ? :blobfacepalm:

Sign in to participate in the conversation
INFRa Mastodon

This Mastodon instance is not open for public registration. Site administrator is Alexander Bochmann.

Contact email: ab+mastodon@infra.de