An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
History

Wed, 23 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2022-01-10'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2019-06-04T20:33:53

Updated: 2024-10-23T13:31:37.705Z

Reserved: 2018-07-06T00:00:00

Link: CVE-2018-13382

cve-icon Vulnrichment

Updated: 2024-08-05T09:00:35.087Z

cve-icon NVD

Status : Modified

Published: 2019-06-04T21:29:00.373

Modified: 2024-11-21T03:46:59.660

Link: CVE-2018-13382

cve-icon Redhat

No data.