FortiOS SSL Deep-Inspection possible Insecure Renegotiation
FortiOS SSL Deep-Inspection may enable insecure renegotiation between TLS clients and servers that support secure renegotiation, opening the door to potential Man-in-the-Middle attacks (CVE-2009-3555) against the TLS connection, where an attacker could inject arbitrary data in the connection (without however being able to decipher it).
The fix enables secure renegotiation on the SSL Deep-Inspection when both the client and server support it.
Man-in-the-Middle (MitM) Attacks
FortiOS 5.4.0 to 5.4.5
FortiOS 5.2.0 to 5.2.12
FortiOS 5.0 and below
Upgrade to FortiOS 5.6.1, 5.4.6 or 5.2.13