CVE-2018-13374
Fortinet FortiOS and FortiADC Improper Access Control Vulnerability
CVSS
—
Sin CVSS
EPSS
38.1%
p98
KEV
SÍ
8 sept 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Fortinet / FortiOS and FortiADC
Vulnerabilidad
Fortinet FortiOS and FortiADC Improper Access Control Vulnerability
Añadido a KEV
8 sept 2022
Remediar antes de
29 sept 2022
Uso conocido en ransomware
Sí
Descripción resumida
Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.
Acción requerida
Apply updates per vendor instructions.
Notas
https://www.fortiguard.com/psirt/FG-IR-18-157; https://nvd.nist.gov/vuln/detail/CVE-2018-13374
Sin CVEs relacionados por CWE o producto.