A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-18-157 |
History
Thu, 24 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:* |
Wed, 23 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2019-01-22T14:00:00
Updated: 2024-10-23T13:34:03.407Z
Reserved: 2018-07-06T00:00:00
Link: CVE-2018-13374
Vulnrichment
Updated: 2024-08-05T09:00:35.217Z
NVD
Status : Modified
Published: 2019-01-22T14:29:00.220
Modified: 2024-11-21T03:46:58.687
Link: CVE-2018-13374
Redhat
No data.