CVE-2018-13374
Vulnerability from cvelistv5
Published
2019-01-22 14:00
Modified
2024-10-23 13:34
Severity ?
EPSS score ?
Summary
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-157 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-157 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Fortinet | Fortinet FortiOS, fortiADC |
Version: FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 |
|
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-09-08
Due date: 2022-09-29
Required action: Apply updates per vendor instructions.
Used in ransomware: Known
Notes: https://www.fortiguard.com/psirt/FG-IR-18-157; https://nvd.nist.gov/vuln/detail/CVE-2018-13374
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T09:00:35.217Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://fortiguard.com/advisory/FG-IR-18-157" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2018-13374", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-23T13:33:58.626214Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2022-09-08", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-13374" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-23T13:34:03.407Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Fortinet FortiOS, fortiADC", "vendor": "Fortinet", "versions": [ { "status": "affected", "version": "FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4" } ] } ], "datePublic": "2019-01-22T00:00:00", "descriptions": [ { "lang": "en", "value": "A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Improper Access Control", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-03T10:29:23", "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://fortiguard.com/advisory/FG-IR-18-157" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@fortinet.com", "ID": "CVE-2018-13374", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Fortinet FortiOS, fortiADC", "version": { "version_data": [ { "version_value": "FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4" } ] } } ] }, "vendor_name": "Fortinet" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one." } ] }, "impact": { "cvss": { "attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "None", "baseScore": 4.2, "baseSeverity": "Medium", "confidentialityImpact": "Low", "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Improper Access Control" } ] } ] }, "references": { "reference_data": [ { "name": "https://fortiguard.com/advisory/FG-IR-18-157", "refsource": "CONFIRM", "url": "https://fortiguard.com/advisory/FG-IR-18-157" } ] } } } }, "cveMetadata": { "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "assignerShortName": "fortinet", "cveId": "CVE-2018-13374", "datePublished": "2019-01-22T14:00:00", "dateReserved": "2018-07-06T00:00:00", "dateUpdated": "2024-10-23T13:34:03.407Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "cisa_known_exploited": { "cveID": "CVE-2018-13374", "cwes": "[\"CWE-732\"]", "dateAdded": "2022-09-08", "dueDate": "2022-09-29", "knownRansomwareCampaignUse": "Known", "notes": "https://www.fortiguard.com/psirt/FG-IR-18-157; https://nvd.nist.gov/vuln/detail/CVE-2018-13374", "product": "FortiOS and FortiADC", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.", "vendorProject": "Fortinet", "vulnerabilityName": "Fortinet FortiOS and FortiADC Improper Access Control Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2018-13374\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2019-01-22T14:29:00.220\",\"lastModified\":\"2024-11-21T03:46:58.687\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one.\"},{\"lang\":\"es\",\"value\":\"Un control de acceso inadecuado en Fortinet FortiOS 6.0.2, 5.6.7 y anteriores, FortiADC 6.1.0, 6.0.0 a 6.0.1, 5.4.0 a 5.4.4 permite a un atacante obtener las credenciales de inicio de sesi\u00f3n del servidor LDAP configurado en FortiGate a trav\u00e9s de una solicitud de prueba de conectividad del servidor LDAP a un servidor LDAP falso en lugar del configurado\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-09-08\",\"cisaActionDue\":\"2022-09-29\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Fortinet FortiOS and FortiADC Improper Access Control Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.4.0\",\"versionEndExcluding\":\"5.4.5\",\"matchCriteriaId\":\"7FE3819E-9A44-450F-A461-C8C98C4EA37C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.2\",\"matchCriteriaId\":\"8C5CDC2B-23F8-4023-AC68-155C274F900E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"028E15CD-B5F9-4376-9758-78D131103BF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.3\",\"matchCriteriaId\":\"93254072-D30A-4BF8-9AB5-40DF2C2D5507\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.com/advisory/FG-IR-18-157\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://fortiguard.com/advisory/FG-IR-18-157\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.