ID

VAR-201901-0568


CVE

CVE-2018-13374


TITLE

Fortinet FortiOS  Vulnerability in improper permission assignment for critical resources in

Trust: 0.8

sources: JVNDB: JVNDB-2018-013156

DESCRIPTION

A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one. Fortinet FortiOS Contains a vulnerability in improper permission assignment for critical resources.Information may be obtained. Fortinet FortiOS is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. FortiOS 6.0.0 through 6.0.2, and 5.6.7 and prior are vulnerable. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. Fortinet FortiOS versions 6.0.0 to 6.0.2 earlier and 5.6.7 and earlier versions have an access control error vulnerability

Trust: 2.07

sources: NVD: CVE-2018-13374 // JVNDB: JVNDB-2018-013156 // BID: 106686 // VULHUB: VHN-123427 // VULMON: CVE-2018-13374

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiadcscope:eqversion:6.1.0

Trust: 1.0

vendor:fortinetmodel:fortiadcscope:ltversion:6.0.2

Trust: 1.0

vendor:fortinetmodel:fortiadcscope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:ltversion:6.0.3

Trust: 1.0

vendor:fortinetmodel:fortiadcscope:gteversion:5.4.0

Trust: 1.0

vendor:fortinetmodel:fortiadcscope:ltversion:5.4.5

Trust: 1.0

vendor:フォーティネットmodel:fortiosscope:eqversion: -

Trust: 0.8

vendor:fortinetmodel:fortiosscope:eqversion:6.0.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.1

Trust: 0.3

vendor:fortinetmodel:fortigatescope:eqversion:0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:6.0.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:5.6.8

Trust: 0.3

sources: BID: 106686 // JVNDB: JVNDB-2018-013156 // NVD: CVE-2018-13374

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-13374
value: MEDIUM

Trust: 1.0

psirt@fortinet.com: CVE-2018-13374
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-13374
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201901-776
value: HIGH

Trust: 0.6

VULHUB: VHN-123427
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-13374
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-13374
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-123427
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-13374
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 2.0

OTHER: JVNDB-2018-013156
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-123427 // VULMON: CVE-2018-13374 // JVNDB: JVNDB-2018-013156 // CNNVD: CNNVD-201901-776 // NVD: CVE-2018-13374 // NVD: CVE-2018-13374

PROBLEMTYPE DATA

problemtype:CWE-732

Trust: 1.1

problemtype:Improper permission assignment for critical resources (CWE-732) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-284

Trust: 0.1

sources: VULHUB: VHN-123427 // JVNDB: JVNDB-2018-013156 // NVD: CVE-2018-13374

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-776

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201901-776

PATCH

title:FG-IR-18-157url:https://fortiguard.com/psirt/FG-IR-18-157

Trust: 0.8

title:Fortinet FortiOS Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88870

Trust: 0.6

title:Conti-Ransomwareurl:https://github.com/Ransomware-Advisory/Conti-Ransomware

Trust: 0.1

title:plaintexturl:https://github.com/juliourena/plaintext

Trust: 0.1

sources: VULMON: CVE-2018-13374 // JVNDB: JVNDB-2018-013156 // CNNVD: CNNVD-201901-776

EXTERNAL IDS

db:NVDid:CVE-2018-13374

Trust: 3.7

db:JVNDBid:JVNDB-2018-013156

Trust: 0.8

db:CNNVDid:CNNVD-201901-776

Trust: 0.7

db:EXPLOIT-DBid:46171

Trust: 0.6

db:AUSCERTid:ESB-2021.1901

Trust: 0.6

db:BIDid:106686

Trust: 0.3

db:PACKETSTORMid:151205

Trust: 0.1

db:SEEBUGid:SSVID-97775

Trust: 0.1

db:VULHUBid:VHN-123427

Trust: 0.1

db:VULMONid:CVE-2018-13374

Trust: 0.1

sources: VULHUB: VHN-123427 // VULMON: CVE-2018-13374 // BID: 106686 // JVNDB: JVNDB-2018-013156 // CNNVD: CNNVD-201901-776 // NVD: CVE-2018-13374

REFERENCES

url:https://fortiguard.com/advisory/fg-ir-18-157

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-13374

Trust: 0.8

url:https://cisa.gov/known-exploited-vulnerabilities-catalog

Trust: 0.8

url:https://www.exploit-db.com/exploits/46171/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1901

Trust: 0.6

url:http://www.fortinet.com/

Trust: 0.3

url:https://fortiguard.com/psirt/fg-ir-18-157

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/732.html

Trust: 0.1

url:https://github.com/ransomware-advisory/conti-ransomware

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-123427 // VULMON: CVE-2018-13374 // BID: 106686 // JVNDB: JVNDB-2018-013156 // CNNVD: CNNVD-201901-776 // NVD: CVE-2018-13374

CREDITS

Julio Engels Urena Martinez

Trust: 0.3

sources: BID: 106686

SOURCES

db:VULHUBid:VHN-123427
db:VULMONid:CVE-2018-13374
db:BIDid:106686
db:JVNDBid:JVNDB-2018-013156
db:CNNVDid:CNNVD-201901-776
db:NVDid:CVE-2018-13374

LAST UPDATE DATE

2024-11-23T23:04:54.501000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-123427date:2019-10-03T00:00:00
db:VULMONid:CVE-2018-13374date:2021-06-03T00:00:00
db:BIDid:106686date:2018-11-07T00:00:00
db:JVNDBid:JVNDB-2018-013156date:2024-05-31T06:58:00
db:CNNVDid:CNNVD-201901-776date:2021-06-04T00:00:00
db:NVDid:CVE-2018-13374date:2024-11-21T03:46:58.687

SOURCES RELEASE DATE

db:VULHUBid:VHN-123427date:2019-01-22T00:00:00
db:VULMONid:CVE-2018-13374date:2019-01-22T00:00:00
db:BIDid:106686date:2018-11-07T00:00:00
db:JVNDBid:JVNDB-2018-013156date:2019-02-15T00:00:00
db:CNNVDid:CNNVD-201901-776date:2019-01-23T00:00:00
db:NVDid:CVE-2018-13374date:2019-01-22T14:29:00.220