CVE-2018-13382 - Fortinet FortiOS and FortiProxy Improper Authorization
Project:Fortinet
Product:FortiOS and FortiProxy
Date Added:2022-01-10Due Date:2022-07-10
Vulnerability Name
Fortinet FortiOS and FortiProxy Improper Authorization
Description
An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-13382