CVE-2018-13376Fortinet Fortios vulnerability

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
1.0%
top 22.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet FortiosFortinet INC Fortinet Fortios
Timeline
PublishedNov 27
Latest updateMay 13

Description

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDfortinet/fortios5.4.65.4.7+2
CVEListV5fortinet_inc/fortinet_fortiosFortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions

🔴Vulnerability Details

2
GHSA
GHSA-2vhw-3h86-29h4: An uninitialized memory buffer leak exists in Fortinet FortiOS 52022-05-13
CVEList
CVE-2018-13376: An uninitialized memory buffer leak exists in Fortinet FortiOS 52018-11-27

📋Vendor Advisories

1
Fortinet
An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under we...2018-11-27
CVE-2018-13376 — Fortinet Fortios vulnerability | cvebase