CVE-2018-13381

🗓️ 04 Jun 2019 20:26:34Reported by fortinetType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 238 Views

Fortinet FortiOS and FortiProxy SSL VPN web portal buffer overflow vulnerabilit

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2018-13381	5 Jun 201900:26	–	circl
CNVD	Fortinet FortiOS Buffer Overflow Vulnerability	22 May 201900:00	–	cnvd
Check Point Advisories	Fortinet FortiOS SSL VPN Buffer Overflow (CVE-2018-13381)	18 Feb 202100:00	–	checkpoint_advisories
Cvelist	CVE-2018-13381	4 Jun 201920:26	–	cvelist
EUVD	EUVD-2018-5325	7 Oct 202500:30	–	euvd
Fortinet	Protect	17 May 201900:00	–	fortinet
Fortinet	Buffer overflow vulnerability in FortiProxy SSL VPN through a crafted POST request	3 Feb 202100:00	–	fortinet
Tenable Nessus	Fortinet FortiOS <= 5.4, 5.6.x < 5.6.8, 6.0.x < 6.0.5 SSL VPN Buffer Overflow (FG-IR-18-387)	14 Jun 201900:00	–	nessus
Tenable Nessus	Fortinet FortiOS (Mac OS X) <= 5.4, 5.6.x < 5.6.8, 6.0.x < 6.0.5 SSL VPN Buffer Overflow (FG-IR-18-387) (deprecated)	14 Jun 201900:00	–	nessus
NVD	CVE-2018-13381	4 Jun 201921:29	–	nvd

NVD

Node

fortinet fortiproxyRange≤1.2.8

fortinet fortiproxyMatch2.0.0

fortinet fortiosRange≤5.2.14

fortinet fortiosRange5.4.0–5.4.12

fortinet fortiosRange5.6.0–5.6.10

fortinet fortiosRange6.0.0–6.0.4

[
  {
    "product": "Fortinet FortiOS and FortiProxy",
    "vendor": "Fortinet",
    "versions": [
      {
        "status": "affected",
        "version": "FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier."
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/advisory/FG-IR-18-387
fortiguard	www.fortiguard.com/advisory/FG-IR-20-232

21 Nov 2024 03:46Current

7.5High risk

Vulners AI Score7.5

CVSS 25

CVSS 3.15.3 - 7.5

EPSS0.00534

SSVC

CWE-119