ID

VAR-201806-0786


CVE

CVE-2018-1355


TITLE

Fortinet FortiManager and FortiAnalyzer Open redirect vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-007121

DESCRIPTION

An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below, and FortiAnalyzer 6.0.0, 5.6.5 and below allows an attacker to inject script code while an HTML table is converted to a PDF document under the FortiView feature. An attacker may be able to social engineer an authenticated user into generating a PDF file containing injected malicious URLs.

Fortinet FortiManager and FortiAnalyzer contain an open redirect vulnerability. Information may be obtained and information may be altered.

Fortinet FortiAnalyzer and FortiManager are prone to an open-redirect vulnerability. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible. The following products and versions are vulnerable: FortiAnalyzer 6.0.0 and prior, FortiManager 6.0.0 and prior.

Both FortiManager and FortiAnalyzer are products of Fortinet. FortiManager is a centralized network security management solution; FortiAnalyzer is a centralized network security reporting solution. An open redirection vulnerability exists in Fortinet FortiManager 6.0.0 and earlier and FortiAnalyzer 6.0.0 and earlier. An attacker could exploit this vulnerability to inject script code by conducting a social engineering attack.

Trust: 2.07

sources: NVD: CVE-2018-1355 // JVNDB: JVNDB-2018-007121 // BID: 104546 // VULHUB: VHN-123620 // VULMON: CVE-2018-1355
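The description above gives the mechanism only at a high level: table content that an authenticated user renders to PDF under FortiView can carry attacker-supplied links, and the resulting document redirects whoever opens it. The Python below is an added example, not Fortinet code and not taken from any source cited in this record. It models a generic HTML-table-to-PDF step with a naive renderer beside a hardened one that escapes every cell and only keeps links that resolve to the appliance's own origin. The origin fortianalyzer.example.internal, the sample rows and the function names are constructed for the example; no PDF library is involved, the returned HTML is what would be handed to the converter.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumed origin of the appliance UI; links in the PDF may only point here.
TRUSTED_ORIGIN = "https://fortianalyzer.example.internal"
ALLOWED_SCHEMES = {"http", "https"}

# Constructed FortiView-style rows. The "source" text and the per-row link
# target stand in for data the attacker can influence (log fields, names).
SAMPLE_ROWS = [
    {"source": "10.0.0.7", "action": "blocked", "href": "/fortiview/log/1"},
    {"source": '<a href="https://phish.example/login">10.0.0.9</a>',
     "action": "allowed", "href": "javascript:alert(1)"},
    {"source": "10.0.0.11", "action": "allowed", "href": "//phish.example/x"},
]


def link_is_safe(href, trusted_origin=TRUSTED_ORIGIN):
    """True only for http(s) targets that stay on the trusted origin."""
    # Reject control characters up front: newer urlsplit() silently drops
    # tab/newline, older ones do not, so "java\tscript:" is classified
    # differently across versions. Neither outcome is wanted.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in href):
        return False
    # Resolve relative paths against the trusted origin, then compare the
    # scheme and host of the result. Scheme-relative "//host/x" resolves to
    # the foreign host and is rejected; "/path" resolves to ours and passes.
    resolved = urlsplit(urljoin(trusted_origin, href.strip()))
    trusted = urlsplit(trusted_origin)
    return (resolved.scheme in ALLOWED_SCHEMES
            and resolved.scheme == trusted.scheme
            and resolved.netloc.lower() == trusted.netloc.lower())


def render_table_vulnerable(rows):
    """The bug class: cell text and link targets go into the HTML unescaped
    and unchecked, so injected markup becomes a real link in the PDF."""
    cells = "".join(
        f'<tr><td>{r["source"]}</td><td>{r["action"]}</td>'
        f'<td><a href="{r["href"]}">details</a></td></tr>'
        for r in rows)
    return f"<table>{cells}</table>"


def render_table_hardened(rows, trusted_origin=TRUSTED_ORIGIN):
    """Escape every cell so data can never introduce tags, and emit an <a>
    only when its target passes link_is_safe(); otherwise plain text."""
    out = []
    for r in rows:
        if link_is_safe(r["href"], trusted_origin):
            link = f'<a href="{escape(r["href"], quote=True)}">details</a>'
        else:
            link = "details (link removed)"
        out.append(f"<tr><td>{escape(r['source'])}</td>"
                   f"<td>{escape(r['action'])}</td><td>{link}</td></tr>")
    return "<table>" + "".join(out) + "</table>"


class _HrefCollector(HTMLParser):
    """Collects every href an HTML-to-PDF renderer would turn into a link."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v is not None)


def hrefs_in(html):
    parser = _HrefCollector()
    parser.feed(html)
    return parser.hrefs


if __name__ == "__main__":
    print("vulnerable:", hrefs_in(render_table_vulnerable(SAMPLE_ROWS)))
    print("hardened:  ", hrefs_in(render_table_hardened(SAMPLE_ROWS)))
```

The host comparison is exact rather than a suffix match, so fortianalyzer.example.internal.phish.example is rejected, and the control-character check runs before URL parsing because parsers and renderers disagree on how to treat embedded tabs and newlines in a scheme.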

AFFECTED PRODUCTS

scope as used by the source feed: eq = exactly this version, lte = this version and earlier, ne = listed as not vulnerable

vendor    model          scope  version  Trust
fortinet  fortimanager   eq     6.0.0    1.6
fortinet  fortianalyzer  eq     6.0.0    1.6
fortinet  fortianalyzer  lte    5.6.5    1.0
fortinet  fortimanager   lte    5.6.5    1.0
fortinet  fortianalyzer  lte    6.0.0    0.8
fortinet  fortimanager   lte    6.0.0    0.8
fortinet  fortimanager   eq     6.0      0.3
fortinet  fortimanager   eq     5.4.4    0.3
fortinet  fortimanager   eq     5.4.2    0.3
fortinet  fortimanager   eq     5.4.1    0.3
fortinet  fortimanager   eq     5.4      0.3
fortinet  fortimanager   eq     5.2.8    0.3
fortinet  fortimanager   eq     5.2.7    0.3
fortinet  fortimanager   eq     5.2.6    0.3
fortinet  fortimanager   eq     5.2.5    0.3
fortinet  fortimanager   eq     5.2.2    0.3
fortinet  fortimanager   eq     5.2.1    0.3
fortinet  fortimanager   eq     5.2      0.3
fortinet  fortimanager   eq     5.0.12   0.3
fortinet  fortimanager   eq     5.0.11   0.3
fortinet  fortimanager   eq     5.0.10   0.3
fortinet  fortimanager   eq     5.0.9    0.3
fortinet  fortimanager   eq     5.0.8    0.3
fortinet  fortimanager   eq     5.0.7    0.3
fortinet  fortimanager   eq     5.0.6    0.3
fortinet  fortimanager   eq     5.0.5    0.3
fortinet  fortimanager   eq     5.0.4    0.3
fortinet  fortimanager   eq     5.0.3    0.3
fortinet  fortimanager   eq     5.0.2    0.3
fortinet  fortimanager   eq     5.0.1    0.3
fortinet  fortimanager   eq     2.80     0.3
fortinet  fortimanager   eq     5.2.4    0.3
fortinet  fortimanager   eq     5.2.3    0.3
fortinet  fortimanager   eq     5.0      0.3
fortinet  fortimanager   eq     4.3      0.3
fortinet  fortimanager   eq     3.0      0.3
fortinet  fortianalyzer  eq     6.0      0.3
fortinet  fortianalyzer  eq     5.4.1    0.3
fortinet  fortianalyzer  eq     5.4      0.3
fortinet  fortianalyzer  eq     5.2.6    0.3
fortinet  fortianalyzer  eq     5.2.5    0.3
fortinet  fortianalyzer  eq     5.2.3    0.3
fortinet  fortianalyzer  eq     5.2.2    0.3
fortinet  fortianalyzer  eq     5.2.1    0.3
fortinet  fortianalyzer  eq     5.2      0.3
fortinet  fortianalyzer  eq     5.0.13   0.3
fortinet  fortianalyzer  eq     5.0.12   0.3
fortinet  fortianalyzer  eq     5.0.11   0.3
fortinet  fortianalyzer  eq     5.0.10   0.3
fortinet  fortianalyzer  eq     5.0.9    0.3
fortinet  fortianalyzer  eq     5.0.7    0.3
fortinet  fortianalyzer  eq     5.0.5    0.3
fortinet  fortianalyzer  eq     5.0.4    0.3
fortinet  fortianalyzer  eq     5.0      0.3
fortinet  fortianalyzer  eq     4.3.7    0.3
fortinet  fortianalyzer  eq     4.3.6    0.3
fortinet  fortianalyzer  eq     3.0      0.3
fortinet  fortimanager   ne     6.0.1    0.3
fortinet  fortianalyzer  ne     6.0.1    0.3

sources: BID: 104546 // JVNDB: JVNDB-2018-007121 // CNNVD: CNNVD-201806-1346 // NVD: CVE-2018-1355
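The source feed emits these product records as run-together key:value strings (for example vendor:fortinetmodel:fortimanagerscope:lteversion:5.6.5), which makes the triage question a fleet owner actually has, whether a given build falls inside the listed ranges, awkward to answer by eye. The Python below is an added example and not part of this record or of any source database: it parses that flattened form and evaluates the eq/lte/ne scopes, treating a ne entry as the feed's "not vulnerable" listing that overrides a range match. The record strings are copied from this page; the function names, the assumption that versions are numeric dotted strings, and the scope keyword list are the example's own.

```python
import re

# Product records copied from this page, in the run-together form the
# aggregated feed emits (no separator between vendor/model/scope/version).
RAW_RECORDS = [
    "vendor:fortinetmodel:fortimanagerscope:eqversion:6.0.0",
    "vendor:fortinetmodel:fortimanagerscope:lteversion:5.6.5",
    "vendor:fortinetmodel:fortimanagerscope:neversion:6.0.1",
    "vendor:fortinetmodel:fortianalyzerscope:eqversion:6.0.0",
    "vendor:fortinetmodel:fortianalyzerscope:lteversion:5.6.5",
    "vendor:fortinetmodel:fortianalyzerscope:neversion:6.0.1",
]

# The field labels are fixed, so anchor on them and let the non-greedy
# groups stop at the next label. The scope keywords (assumed set) are
# ordered so "lte" is tried before "lt".
_RECORD = re.compile(
    r"^vendor:(?P<vendor>.+?)model:(?P<model>.+?)"
    r"scope:(?P<scope>lte|gte|lt|gt|eq|ne)version:(?P<version>\S+)$"
)

_TESTS = {
    "eq": lambda a, b: a == b,
    "lte": lambda a, b: a <= b,
    "gte": lambda a, b: a >= b,
    "lt": lambda a, b: a < b,
    "gt": lambda a, b: a > b,
}


def parse_record(raw):
    """Split one flattened record into its four fields."""
    match = _RECORD.match(raw.strip())
    if match is None:
        raise ValueError(f"unrecognised product record: {raw!r}")
    return match.groupdict()


def version_key(version):
    """'5.6' -> (5, 6, 0). Numeric dotted versions only (assumption),
    zero-padded so that 6.0 and 6.0.0 compare equal."""
    parts = tuple(int(p) for p in version.split("."))
    return parts + (0,) * (3 - len(parts))


def is_affected(model, version, records=RAW_RECORDS):
    """True if (model, version) falls inside any listed range for that model.

    A 'ne' record is the feed's 'not vulnerable' listing and wins over any
    range match, which is how 6.0.1 sits above the affected 6.0.0 entry.
    """
    model = model.lower()
    key = version_key(version)
    in_range = False
    for rec in (parse_record(r) for r in records):
        if rec["model"] != model:
            continue
        ref = version_key(rec["version"])
        if rec["scope"] == "ne":
            if key == ref:
                return False
            continue
        if _TESTS[rec["scope"]](key, ref):
            in_range = True
    return in_range


if __name__ == "__main__":
    for m, v in [("FortiManager", "5.6.3"), ("FortiAnalyzer", "6.0.0"),
                 ("FortiAnalyzer", "6.0.1"), ("FortiManager", "5.6.6")]:
        state = "affected" if is_affected(m, v) else "outside listed ranges"
        print(f"{m} {v}: {state}")
```

A version that matches no record at all (5.6.6 here) comes back as "outside listed ranges", not as "fixed": the feed only asserts what it lists, and the vendor advisory FG-IR-18-022 is the place to confirm a fixed build.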

CVSS

SEVERITY

nvd@nist.gov: CVE-2018-1355
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-1355
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201806-1346
value: MEDIUM

Trust: 0.6

VULHUB: VHN-123620
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-1355
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2018-1355
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-123620
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2018-1355
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-123620 // VULMON: CVE-2018-1355 // JVNDB: JVNDB-2018-007121 // CNNVD: CNNVD-201806-1346 // NVD: CVE-2018-1355

PROBLEMTYPE DATA

problemtype:CWE-601

Trust: 1.9

sources: VULHUB: VHN-123620 // JVNDB: JVNDB-2018-007121 // NVD: CVE-2018-1355

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-1346

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201806-1346

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-007121

PATCH

title: FG-IR-18-022  url: https://fortiguard.com/psirt/FG-IR-18-022

Trust: 0.8

title: Fortinet FortiManager and FortiAnalyzer Security vulnerabilities  url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81605

Trust: 0.6

title: -  url: https://github.com/0xCyberY/CVE-T4PDF

Trust: 0.1

sources: VULMON: CVE-2018-1355 // JVNDB: JVNDB-2018-007121 // CNNVD: CNNVD-201806-1346

EXTERNAL IDS

db: NVD  id: CVE-2018-1355

Trust: 2.9

db: BID  id: 104546

Trust: 2.1

db: SECTRACK  id: 1041185

Trust: 1.8

db: SECTRACK  id: 1041184

Trust: 1.8

db: JVNDB  id: JVNDB-2018-007121

Trust: 0.8

db: CNNVD  id: CNNVD-201806-1346

Trust: 0.7

db: VULHUB  id: VHN-123620

Trust: 0.1

db: VULMON  id: CVE-2018-1355

Trust: 0.1

sources: VULHUB: VHN-123620 // VULMON: CVE-2018-1355 // BID: 104546 // JVNDB: JVNDB-2018-007121 // CNNVD: CNNVD-201806-1346 // NVD: CVE-2018-1355

REFERENCES

url:http://www.securityfocus.com/bid/104546

Trust: 1.9

url:https://fortiguard.com/advisory/fg-ir-18-022

Trust: 1.8

url:http://www.securitytracker.com/id/1041184

Trust: 1.8

url:http://www.securitytracker.com/id/1041185

Trust: 1.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1355

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-1355

Trust: 0.8

url:http://www.fortinet.com/products/fortianalyzer/

Trust: 0.3

url:http://www.fortinet.com/

Trust: 0.3

url:https://fortiguard.com/psirt/fg-ir-18-022

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/601.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/0xcybery/cve-t4pdf

Trust: 0.1

sources: VULHUB: VHN-123620 // VULMON: CVE-2018-1355 // BID: 104546 // JVNDB: JVNDB-2018-007121 // CNNVD: CNNVD-201806-1346 // NVD: CVE-2018-1355

CREDITS

Donato Onofri, Luca Napolitano and Francesca Perrone of Business Integration Partners S.p.A.

Trust: 0.3

sources: BID: 104546

SOURCES

db: VULHUB  id: VHN-123620
db: VULMON  id: CVE-2018-1355
db: BID  id: 104546
db: JVNDB  id: JVNDB-2018-007121
db: CNNVD  id: CNNVD-201806-1346
db: NVD  id: CVE-2018-1355

LAST UPDATE DATE

2024-08-14T14:33:05.671000+00:00


SOURCES UPDATE DATE

db: VULHUB  id: VHN-123620  date: 2019-03-08T00:00:00
db: VULMON  id: CVE-2018-1355  date: 2019-03-08T00:00:00
db: BID  id: 104546  date: 2018-06-22T00:00:00
db: JVNDB  id: JVNDB-2018-007121  date: 2018-09-10T00:00:00
db: CNNVD  id: CNNVD-201806-1346  date: 2019-03-13T00:00:00
db: NVD  id: CVE-2018-1355  date: 2019-03-08T13:46:47.527

SOURCES RELEASE DATE

db: VULHUB  id: VHN-123620  date: 2018-06-27T00:00:00
db: VULMON  id: CVE-2018-1355  date: 2018-06-27T00:00:00
db: BID  id: 104546  date: 2018-06-22T00:00:00
db: JVNDB  id: JVNDB-2018-007121  date: 2018-09-10T00:00:00
db: CNNVD  id: CNNVD-201806-1346  date: 2018-06-28T00:00:00
db: NVD  id: CVE-2018-1355  date: 2018-06-27T20:29:04.933