3 matches found
Fortinet FortiOS (Mac OS X) < 5.2.15, 5.4.0 < 6.0.5 SSL VPN Web Portal Host Header Redirection (FG-IR-19-002) (deprecated)
The plugin was deprecated due to checking hosts for FortiClient instead of FortiOS. Use fortiosFG-IR-19-002.nasl plugin ID 125889 instead. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2020/11/18. Deprecated by fortiosFG-IR-19-002.nasl include"compat.inc"; if description scriptid12589...
CVE-2018-13384
A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains...
CVE-2018-13384
The connected documents confirm a Host Header Redirection vulnerability in Fortinet FortiOS, affecting FortiOS SSL-VPN web portal prior to version 6.0.5. The root cause is improper validation of HTTP request headers, enabling an unauthenticated remote attacker to induce redirects to arbitrary web...