CVE-2018-13376

Published: Nov 27, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.

Affected (3)

Products: Fortinet: Fortios

Fortinet

1 product

Fortios

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Fortinet Fortios	Up to 5.2.12
Fortinet Fortios	From 5.4.6 to 5.4.7
Fortinet Fortios	From 5.6.1 to 5.6.3

References (6)

http://www.securityfocus.com/bid/106036

Source: psirt@fortinet.com

Third Party AdvisoryVDB Entry

https://fortiguard.com/advisory/FG-IR-18-325

Source: psirt@fortinet.com

Vendor Advisory

https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt

Source: psirt@fortinet.com

ExploitThird Party Advisory

http://www.securityfocus.com/bid/106036

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://fortiguard.com/advisory/FG-IR-18-325

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.