Security Advisory

CVE-2018-13382

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-04 20:33:53

Last updated 2025-10-21 23:45:35

Assigner fortinet

State PUBLISHED

Description

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests

← Browse all CVEs View on cve.org ↗