Sign-up

ID

VAR-201806-0786


CVE

CVE-2018-1355


TITLE

Fortinet FortiManager and FortiAnalyzer Open redirect vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-007121

DESCRIPTION

An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an authenticated user into generating a PDF file containing injected malicious URLs. Fortinet FortiManager and FortiAnalyzer Contains an open redirect vulnerability.Information may be obtained and information may be altered. Fortinet FortiAnalyzer and FortiManager are prone to an open-redirect vulnerability. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible. The following products and versions are vulnerable: FortiAnalyzer 6.0.0 and prior FortiManager 6.0.0 and prior. Both Fortinet FortiManager and FortiAnalyzer are products of Fortinet. Fortinet FortiManager is a centralized network security management solution. FortiAnalyzer is a centralized network security reporting solution. An open redirection vulnerability exists in Fortinet FortiManager 6.0.0 and earlier and FortiAnalyzer 6.0.0 and earlier. An attacker could exploit this vulnerability to inject script code by conducting a social engineering attack

Trust: 2.07

sources: NVD: CVE-2018-1355 // JVNDB: JVNDB-2018-007121 // BID: 104546 // VULHUB: VHN-123620 // VULMON: CVE-2018-1355

AFFECTED PRODUCTS

vendor:fortinetmodel:fortimanagerscope:eqversion:6.0.0

Trust: 1.6

vendor:fortinetmodel:fortianalyzerscope:eqversion:6.0.0

Trust: 1.6

vendor:fortinetmodel:fortianalyzerscope:lteversion:5.6.5

Trust: 1.0

vendor:fortinetmodel:fortimanagerscope:lteversion:5.6.5

Trust: 1.0

vendor:fortinetmodel:fortianalyzerscope:lteversion:6.0.0

Trust: 0.8

vendor:fortinetmodel:fortimanagerscope:lteversion:6.0.0

Trust: 0.8

vendor:fortinetmodel:fortimanagerscope:eqversion:6.0

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.4.4

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.4.2

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.4.1

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.4

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2.8

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2.7

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2.6

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2.5

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2.2

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2.1

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.12

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.11

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.10

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.9

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.8

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.7

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.6

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.5

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.4

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.3

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.2

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0.1

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:2.80

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2.4

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.2.3

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:5.0

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:4.3

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:eqversion:3.0

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:6.0

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.4.1

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.4

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.2.6

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.2.5

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.2.3

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.2.2

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.2.1

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.2

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0.13

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0.12

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0.11

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0.10

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0.9

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0.7

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0.5

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0.4

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:5.0

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:4.3.7

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:4.3.6

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:eqversion:3.0

Trust: 0.3

vendor:fortinetmodel:fortimanagerscope:neversion:6.0.1

Trust: 0.3

vendor:fortinetmodel:fortianalyzerscope:neversion:6.0.1

Trust: 0.3

sources: BID: 104546 // JVNDB: JVNDB-2018-007121 // CNNVD: CNNVD-201806-1346 // NVD: CVE-2018-1355

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-1355
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-1355
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201806-1346
value: MEDIUM

Trust: 0.6

VULHUB: VHN-123620
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-1355
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-1355
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-123620
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-1355
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-123620 // VULMON: CVE-2018-1355 // JVNDB: JVNDB-2018-007121 // CNNVD: CNNVD-201806-1346 // NVD: CVE-2018-1355

PROBLEMTYPE DATA

problemtype:CWE-601

Trust: 1.9

sources: VULHUB: VHN-123620 // JVNDB: JVNDB-2018-007121 // NVD: CVE-2018-1355

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-1346

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201806-1346

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-007121

PATCH
title:FG-IR-18-022url:https://fortiguard.com/psirt/FG-IR-18-022
Trust: 0.8
title:Fortinet FortiManager  and FortiAnalyzer Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81605
Trust: 0.6
title: - url:https://github.com/0xCyberY/CVE-T4PDF 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-1355 // 
            
            
            
            JVNDB: JVNDB-2018-007121 // 
            
            
            
            CNNVD: CNNVD-201806-1346

EXTERNAL IDS
db:NVDid:CVE-2018-1355
Trust: 2.9
db:BIDid:104546
Trust: 2.1
db:SECTRACKid:1041185
Trust: 1.8
db:SECTRACKid:1041184
Trust: 1.8
db:JVNDBid:JVNDB-2018-007121
Trust: 0.8
db:CNNVDid:CNNVD-201806-1346
Trust: 0.7
db:VULHUBid:VHN-123620
Trust: 0.1
db:VULMONid:CVE-2018-1355
Trust: 0.1
sources:
            
            
            VULHUB: VHN-123620 // 
            
            
            
            VULMON: CVE-2018-1355 // 
            
            
            
            BID: 104546 // 
            
            
            
            JVNDB: JVNDB-2018-007121 // 
            
            
            
            CNNVD: CNNVD-201806-1346 // 
            
            
            
            NVD: CVE-2018-1355

REFERENCES
url:http://www.securityfocus.com/bid/104546
Trust: 1.9
url:https://fortiguard.com/advisory/fg-ir-18-022
Trust: 1.8
url:http://www.securitytracker.com/id/1041184
Trust: 1.8
url:http://www.securitytracker.com/id/1041185
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1355
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-1355
Trust: 0.8
url:http://www.fortinet.com/products/fortianalyzer/
Trust: 0.3
url:http://www.fortinet.com/
Trust: 0.3
url:https://fortiguard.com/psirt/fg-ir-18-022
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/601.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/0xcybery/cve-t4pdf
Trust: 0.1
sources:
            
            
            VULHUB: VHN-123620 // 
            
            
            
            VULMON: CVE-2018-1355 // 
            
            
            
            BID: 104546 // 
            
            
            
            JVNDB: JVNDB-2018-007121 // 
            
            
            
            CNNVD: CNNVD-201806-1346 // 
            
            
            
            NVD: CVE-2018-1355

CREDITS
Donato Onofri, Luca Napolitano and Francesca Perrone of Business Integration Partners S.p.A.
Trust: 0.3
sources:
            
            
            BID: 104546

SOURCES
db:VULHUBid:VHN-123620
db:VULMONid:CVE-2018-1355
db:BIDid:104546
db:JVNDBid:JVNDB-2018-007121
db:CNNVDid:CNNVD-201806-1346
db:NVDid:CVE-2018-1355

LAST UPDATE DATE
2024-08-14T14:33:05.671000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-123620date:2019-03-08T00:00:00
db:VULMONid:CVE-2018-1355date:2019-03-08T00:00:00
db:BIDid:104546date:2018-06-22T00:00:00
db:JVNDBid:JVNDB-2018-007121date:2018-09-10T00:00:00
db:CNNVDid:CNNVD-201806-1346date:2019-03-13T00:00:00
db:NVDid:CVE-2018-1355date:2019-03-08T13:46:47.527

SOURCES RELEASE DATE
db:VULHUBid:VHN-123620date:2018-06-27T00:00:00
db:VULMONid:CVE-2018-1355date:2018-06-27T00:00:00
db:BIDid:104546date:2018-06-22T00:00:00
db:JVNDBid:JVNDB-2018-007121date:2018-09-10T00:00:00
db:CNNVDid:CNNVD-201806-1346date:2018-06-28T00:00:00
db:NVDid:CVE-2018-1355date:2018-06-27T20:29:04.933