Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/28 12:0 a.m.16 views

Fortinet Fortigate using the LDAP test connectivity feature (FG-IR-18-157)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-18-157 advisory. - A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allow...

4.3CVSS8.2AI score0.38088EPSS
Exploits3References2
VulnCheck KEV
VulnCheck KEV
added 2021/02/16 12:0 a.m.4 views

VulnCheck KEV: CVE-2018-13374

Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server...

4.3CVSS7.4AI score0.38088EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2019/01/24 12:0 a.m.88 views

Fortinet FortiGate < 5.6.8 / 6.x < 6.0.3 LDAP Credential Disclosure (FG-IR-18-157)

The remote host is running FortiOS prior to 5.6.8 or 6.x prior to 6.0.3. It is, therefore, affected by a credential disclosure vulnerability in the LDAP connectivity test component. This can allow a remote, read-only admin authenticated attacker to obtain the configured LDAP server login...

4.3CVSS8.2AI score0.38088EPSS
Exploits3References3
CVE
CVE
added 2019/01/22 2:0 p.m.822 views

CVE-2018-13374

CVE-2018-13374 describes an improper access control in Fortinet FortiOS (versions including 6.0.2, 5.6.7 and earlier) and FortiADC (6.1.0, 6.0.0–6.0.1, 5.4.0–5.4.4). An LDAP-credentials disclosure occurs when a LDAP connectivity test is pointed to a rogue LDAP server instead of the configured one...

4.3CVSS6AI score0.38088EPSS
In wildExploits3References2Affected Software2
Cvelist
Cvelist
added 2019/01/22 2:0 p.m.38 views

CVE-2018-13374

A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the...

4.3CVSS4.4AI score0.38088EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2019/01/22 2:0 p.m.15 views

CVE-2018-13374

A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the...

4.3CVSS6.7AI score0.38088EPSS
Exploits3References1
Circl
Circl
added 2019/01/16 12:0 a.m.26 views

CVE-2018-13374

creationtimestamp| type| source ---|---|--- 2019-01-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46171 2022-05-12 16:19:54+00:00| seen| MISP/095ab3f1-cbae-4b5c-8534-34d42a458aa5 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-12-24...

4.3CVSS6.8AI score0.38088EPSS
Exploits3References6
Packet Storm
Packet Storm
added 2019/01/16 12:0 a.m.59 views

FortiGate FortiOS LDAP Credential Disclosure

/usr/bin/python3 """ CVE-2018-13374 Publicado por Julio UreA+-a PlainText Twitter: @JulioUrena Blog Post: https://plaintext.do/My-1st-CVE-Capture-LDAP-Credentials-From-FortiGate-EN/ Referencia: https://fortiguard.com/psirt/FG-IR-18-157 Ejemplo: python3 CVE-2018-13374.py -f https://FortiGateIP -u...

5.1AI score0.38088EPSS
Exploits3
Rows per page
Query Builder