This page was not yet optimized for use on mobile
devices.
FortiOS 5.2
Known vulnerabilities detected
Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.Certificate #2765
Webpage information
Security policy
Symmetric Algorithms
AES, DES, Triple-DES, HMACAsymmetric Algorithms
Diffie-HellmanHash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-512, MD5Schemes
Key agreementProtocols
SSH, SSL, TLS 1.2, TLS, TLS 1.1, IKE, VPNRandomness
DRBGBlock cipher modes
CBC, CTRSecurity level
Level 1Standards
FIPS 140-2, FIPS 140, NIST SP 800-90A, PKCS1File metadata
| Title | FOS 5.2 FIPS Level 1 Security Policy.book |
|---|---|
| Author | akaye |
| Creation date | D:20161003133441-04'00' |
| Modification date | D:20161003133441-04'00' |
| Pages | 20 |
| Creator | PScript5.dll Version 5.2.2 |
| Producer | Acrobat Elements 9.0.0 (Windows) |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
- cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.11:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.12:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.13:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.14:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.15:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*
Related CVEs
| ID | Links | Severity | CVSS Score | Published on | ||
|---|---|---|---|---|---|---|
| Base | Exploitability | Impact | ||||
| CVE-2014-8616 | MEDIUM | 4.3 | 2.9 | 12.05.2015 | ||
| CVE-2015-1880 | MEDIUM | 4.3 | 2.9 | 12.05.2015 | ||
| CVE-2015-2323 | MEDIUM | 6.4 | 4.9 | 11.08.2015 | ||
| CVE-2015-3626 | MEDIUM | 4.3 | 2.9 | 11.08.2015 | ||
| CVE-2015-7361 | HIGH | 9.3 | 10.0 | 15.10.2015 | ||
| CVE-2016-3978 | MEDIUM | 6.1 | 2.7 | 08.04.2016 | ||
| CVE-2016-7541 | MEDIUM | 5.9 | 3.6 | 30.03.2017 | ||
| CVE-2016-7542 | MEDIUM | 4.9 | 3.6 | 30.03.2017 | ||
| CVE-2017-14185 | MEDIUM | 5.3 | 1.4 | 25.05.2018 | ||
| CVE-2017-14186 | MEDIUM | 5.4 | 2.7 | 29.11.2017 | ||
| CVE-2017-14187 | MEDIUM | 6.2 | 5.9 | 24.05.2018 | ||
| CVE-2017-14190 | MEDIUM | 6.1 | 2.7 | 29.01.2018 | ||
| CVE-2017-17544 | HIGH | 7.2 | 5.9 | 09.04.2019 | ||
| CVE-2017-3127 | MEDIUM | 6.1 | 2.7 | 01.06.2017 | ||
| CVE-2017-3128 | MEDIUM | 4.8 | 2.7 | 23.05.2017 | ||
| CVE-2017-3130 | HIGH | 7.5 | 3.6 | 10.08.2017 | ||
| CVE-2017-3132 | MEDIUM | 6.1 | 2.7 | 12.09.2017 | ||
| CVE-2017-3133 | MEDIUM | 6.1 | 2.7 | 12.09.2017 | ||
| CVE-2017-7735 | MEDIUM | 5.4 | 2.7 | 12.09.2017 | ||
| CVE-2017-7739 | MEDIUM | 6.1 | 2.7 | 13.11.2017 | ||
| CVE-2018-13365 | MEDIUM | 5.3 | 1.4 | 29.05.2019 | ||
| CVE-2018-13366 | MEDIUM | 5.3 | 1.4 | 09.04.2019 | ||
| CVE-2018-13367 | MEDIUM | 5.3 | 1.4 | 23.08.2019 | ||
| CVE-2018-13371 | HIGH | 8.8 | 5.9 | 02.04.2020 | ||
| CVE-2018-13374 | MEDIUM | 4.3 | 1.4 | 22.01.2019 | ||
| CVE-2018-13376 | HIGH | 7.5 | 3.6 | 27.11.2018 | ||
| CVE-2018-13381 | HIGH | 7.5 | 3.6 | 04.06.2019 | ||
| CVE-2018-13383 | MEDIUM | 6.5 | 3.6 | 29.05.2019 | ||
| CVE-2018-13384 | MEDIUM | 6.1 | 2.7 | 04.06.2019 | ||
| CVE-2018-9185 | HIGH | 8.1 | 5.9 | 05.07.2018 | ||
| CVE-2018-9195 | MEDIUM | 5.9 | 3.6 | 21.11.2019 | ||
| CVE-2019-15703 | HIGH | 7.5 | 3.6 | 24.10.2019 | ||
| CVE-2019-15705 | HIGH | 7.5 | 3.6 | 27.11.2019 | ||
| CVE-2019-17655 | HIGH | 7.5 | 3.6 | 16.06.2020 | ||
| CVE-2019-17656 | MEDIUM | 6.5 | 3.6 | 12.04.2021 | ||
| CVE-2019-5586 | MEDIUM | 6.1 | 2.7 | 04.06.2019 | ||
| CVE-2019-5587 | MEDIUM | 6.5 | 3.6 | 04.06.2019 | ||
| CVE-2019-5591 | MEDIUM | 6.5 | 3.6 | 14.08.2020 | ||
| CVE-2019-5593 | MEDIUM | 5.5 | 3.6 | 23.01.2020 | ||
| CVE-2019-6693 | MEDIUM | 6.5 | 3.6 | 21.11.2019 | ||
| CVE-2020-12812 | CRITICAL | 9.8 | 5.9 | 24.07.2020 | ||
| CVE-2020-12819 | HIGH | 7.5 | 5.9 | 19.12.2024 | ||
| CVE-2020-12820 | HIGH | 8.8 | 5.9 | 19.12.2024 | ||
| CVE-2020-15938 | HIGH | 7.5 | 3.6 | 04.03.2021 | ||
| CVE-2020-6648 | MEDIUM | 6.5 | 3.6 | 21.10.2020 | ||
| CVE-2021-24018 | HIGH | 8.8 | 5.9 | 04.08.2021 | ||
| CVE-2021-26092 | MEDIUM | 6.1 | 2.7 | 24.02.2022 | ||
| CVE-2021-42757 | MEDIUM | 6.7 | 5.9 | 08.12.2021 | ||
| CVE-2021-44168 | HIGH | 7.8 | 5.9 | 04.01.2022 | ||
| CVE-2022-22299 | HIGH | 7.8 | 5.9 | 05.08.2022 | ||
| CVE-2022-23438 | MEDIUM | 6.1 | 2.7 | 18.07.2022 | ||
| CVE-2022-42475 | CRITICAL | 9.8 | 5.9 | 02.01.2023 | ||
| CVE-2023-33305 | MEDIUM | 6.5 | 3.6 | 13.06.2023 | ||
| CVE-2023-45583 | HIGH | 7.2 | 5.9 | 14.05.2024 | ||
Showing 5 out of 54.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 2765,
"dgst": "f11ca4a63fad2854",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"RSA#2024",
"AES#3963",
"Triple-DES#2172",
"DRBG#1161",
"HMAC#2582",
"HMAC#2581",
"SHS#3268",
"Triple-DES#2173",
"CVL#795",
"CVL#794",
"AES#3964",
"SHS#3267"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:o:fortinet:fortios:5.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.2.14:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"5.2.7",
"5.2"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2016-7541",
"CVE-2018-13371",
"CVE-2020-12812",
"CVE-2017-3133",
"CVE-2019-15703",
"CVE-2017-7735",
"CVE-2016-3978",
"CVE-2019-5586",
"CVE-2021-42757",
"CVE-2021-26092",
"CVE-2015-3626",
"CVE-2017-14186",
"CVE-2023-45583",
"CVE-2015-2323",
"CVE-2018-13376",
"CVE-2018-13367",
"CVE-2019-5587",
"CVE-2017-3127",
"CVE-2019-6693",
"CVE-2017-3130",
"CVE-2019-5593",
"CVE-2019-17656",
"CVE-2017-14190",
"CVE-2014-8616",
"CVE-2021-24018",
"CVE-2020-15938",
"CVE-2019-5591",
"CVE-2022-42475",
"CVE-2015-1880",
"CVE-2018-13383",
"CVE-2018-13384",
"CVE-2017-17544",
"CVE-2018-13366",
"CVE-2021-44168",
"CVE-2018-13365",
"CVE-2022-22299",
"CVE-2020-6648",
"CVE-2018-9195",
"CVE-2023-33305",
"CVE-2017-14187",
"CVE-2022-23438",
"CVE-2019-17655",
"CVE-2017-3128",
"CVE-2018-13374",
"CVE-2017-3132",
"CVE-2017-7739",
"CVE-2017-14185",
"CVE-2018-13381",
"CVE-2018-9185",
"CVE-2019-15705",
"CVE-2015-7361",
"CVE-2016-7542",
"CVE-2020-12819",
"CVE-2020-12820"
]
},
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"FF": {
"DH": {
"Diffie-Hellman": 9
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 6
},
"CTR": {
"CTR": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 19
},
"SSH": {
"SSH": 16
},
"TLS": {
"SSL": {
"SSL": 5
},
"TLS": {
"TLS": 4,
"TLS 1.1": 1,
"TLS 1.2": 1
}
},
"VPN": {
"VPN": 26
}
},
"crypto_scheme": {
"KA": {
"Key agreement": 1
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES 128": 1,
"AES 256": 1,
"HMAC SHA-1": 6,
"HMAC SHA-1 2581": 1,
"HMAC SHA-256": 9,
"HMAC SHA-256 2581": 1,
"HMAC SHA-384": 1,
"HMAC SHA-384 2581": 1,
"HMAC SHA-512 2581": 1,
"PKCS1": 1,
"RSA PKCS1": 1,
"SHA-1": 10,
"SHA-1 2581": 1,
"SHA-1 3267": 1,
"SHA-256": 12,
"SHA-384": 4,
"SHA-512": 1,
"SHA-512 2581": 1,
"SHA-512 3268": 1,
"SHA1": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 3
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 12,
"SHA1": 1
},
"SHA2": {
"SHA-256": 12,
"SHA-384": 4,
"SHA-512": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 25
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 1,
"FIPS 140-2": 36
},
"NIST": {
"NIST SP 800-90A": 1
},
"PKCS": {
"PKCS1": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 18
}
},
"DES": {
"3DES": {
"Triple-DES": 7
},
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"HMAC": 21
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "akaye",
"/CreationDate": "D:20161003133441-04\u002700\u0027",
"/Creator": "PScript5.dll Version 5.2.2",
"/ModDate": "D:20161003133441-04\u002700\u0027",
"/Producer": "Acrobat Elements 9.0.0 (Windows)",
"/Title": "FOS 5.2 FIPS Level 1 Security Policy.book",
"pdf_file_size_bytes": 246471,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 20
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "c1302e699dc90d52d1ed87754a2d86116ff23e3fc03eca5ae5583ad17b64f413",
"policy_txt_hash": "e6f46b9b704df52da91ca828fdea41e24684e13d332d9f9ef05fe97172a12664"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. There is no assurance of the minimum strength of generated keys",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertOct2016.pdf",
"date_sunset": null,
"description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet\u0027s FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Cryptographic Module Ports and Interfaces: Level 3",
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3"
],
"fw_versions": "5.2.7, build0718,160328",
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "FortiOS 5.2",
"module_type": "Firmware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": [
"FortiGate-300D with the Fortinet entropy token (part number FTR-ENT-1)"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2016-10-07",
"lab": "CGI Information Systems \u0026 Management Consultants Inc",
"validation_type": "Initial"
}
],
"vendor": "Fortinet, Inc.",
"vendor_url": "http://www.fortinet.com"
}
}