ID

VAR-201905-0764


CVE

CVE-2018-13383


TITLE

Fortinet FortiOS Buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2018-015559 // CNNVD: CNNVD-201904-116

DESCRIPTION

A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages. Fortinet FortiOS Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Fortinet FortiOS is prone to a heap-based buffer-overflow vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Versions prior to FortiOS 6.0.5 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. A heap buffer overflow vulnerability existed in Fortinet versions prior to FortiOS 6.2.0. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations

Trust: 2.07

sources: NVD: CVE-2018-13383 // JVNDB: JVNDB-2018-015559 // BID: 108539 // VULHUB: VHN-123437 // VULMON: CVE-2018-13383

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiosscope:ltversion:6.0.5

Trust: 1.8

vendor:fortinetmodel:fortiosscope:ltversion:5.2.15

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:5.2.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:5.4.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:5.6.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:ltversion:1.2.9

Trust: 1.0

vendor:fortinetmodel:fortiosscope:ltversion:5.4.13

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:eqversion:2.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:ltversion:5.6.11

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.10

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.12

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.11

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.13

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.7.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.19

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.17

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.15

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.10

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.2.13

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.2.12

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.1.11

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.1.10

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:3.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:2.80

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:2.50

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:2.36

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.10

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.12

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.11

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.18

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.16

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.14

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.13

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.12

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:6.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:6.0.5

Trust: 0.3

sources: BID: 108539 // JVNDB: JVNDB-2018-015559 // NVD: CVE-2018-13383

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-13383
value: MEDIUM

Trust: 1.0

psirt@fortinet.com: CVE-2018-13383
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-13383
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201904-116
value: MEDIUM

Trust: 0.6

VULHUB: VHN-123437
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-13383
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-13383
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-123437
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-13383
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

psirt@fortinet.com: CVE-2018-13383
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2018-13383
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-123437 // VULMON: CVE-2018-13383 // JVNDB: JVNDB-2018-015559 // CNNVD: CNNVD-201904-116 // NVD: CVE-2018-13383 // NVD: CVE-2018-13383

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-123437 // JVNDB: JVNDB-2018-015559 // NVD: CVE-2018-13383

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201904-116

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201904-116

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-015559

PATCH

title:FG-IR-18-388url:https://fortiguard.com/psirt/FG-IR-18-388

Trust: 0.8

title:Fortinet FortiOS Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91035

Trust: 0.6

title:Fortigate VPN: CVE-2018-13379: Pre-auth arbitrary file readingurl:https://github.com/jam620/forti-vpn

Trust: 0.1

title:SecBooks SecBooks目录url:https://github.com/SexyBeast233/SecBooks

Trust: 0.1

title:Known Exploited Vulnerabilities Detectorurl:https://github.com/Ostorlab/KEV

Trust: 0.1

title:Threatposturl:https://threatpost.com/apt-groups-exploiting-flaws-in-unpatched-vpns-officials-warn/148956/

Trust: 0.1

sources: VULMON: CVE-2018-13383 // JVNDB: JVNDB-2018-015559 // CNNVD: CNNVD-201904-116

EXTERNAL IDS

db:NVDid:CVE-2018-13383

Trust: 2.9

db:BIDid:108539

Trust: 1.0

db:JVNDBid:JVNDB-2018-015559

Trust: 0.8

db:CNNVDid:CNNVD-201904-116

Trust: 0.7

db:AUSCERTid:ESB-2019.1114.2

Trust: 0.6

db:AUSCERTid:ESB-2019.1114.4

Trust: 0.6

db:VULHUBid:VHN-123437

Trust: 0.1

db:VULMONid:CVE-2018-13383

Trust: 0.1

sources: VULHUB: VHN-123437 // VULMON: CVE-2018-13383 // BID: 108539 // JVNDB: JVNDB-2018-015559 // CNNVD: CNNVD-201904-116 // NVD: CVE-2018-13383

REFERENCES

url:https://fortiguard.com/advisory/fg-ir-18-388

Trust: 1.8

url:https://fortiguard.com/advisory/fg-ir-20-229

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-13383

Trust: 1.4

url:http://www.securityfocus.com/bid/108539

Trust: 1.3

url:http://www.fortinet.com/technology/network-os-fortios.html

Trust: 0.9

url:https://fortiguard.com/psirt/fg-ir-18-388

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13383

Trust: 0.8

url:https://fortiguard.com/psirt/fg-ir-17-053

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.1114.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/78322

Trust: 0.6

url:https://vigilance.fr/vulnerability/fortios-buffer-overflow-via-javascript-href-content-28933

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://threatpost.com/apt-groups-exploiting-flaws-in-unpatched-vpns-officials-warn/148956/

Trust: 0.1

sources: VULHUB: VHN-123437 // VULMON: CVE-2018-13383 // BID: 108539 // JVNDB: JVNDB-2018-015559 // CNNVD: CNNVD-201904-116 // NVD: CVE-2018-13383

CREDITS

Meh Chang and Orange Tsai from DEVCORE Security Research Team.

Trust: 0.9

sources: BID: 108539 // CNNVD: CNNVD-201904-116

SOURCES

db:VULHUBid:VHN-123437
db:VULMONid:CVE-2018-13383
db:BIDid:108539
db:JVNDBid:JVNDB-2018-015559
db:CNNVDid:CNNVD-201904-116
db:NVDid:CVE-2018-13383

LAST UPDATE DATE

2024-11-23T22:55:33.036000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-123437date:2020-01-22T00:00:00
db:VULMONid:CVE-2018-13383date:2021-03-16T00:00:00
db:BIDid:108539date:2019-06-03T00:00:00
db:JVNDBid:JVNDB-2018-015559date:2019-06-12T00:00:00
db:CNNVDid:CNNVD-201904-116date:2021-03-17T00:00:00
db:NVDid:CVE-2018-13383date:2024-11-21T03:46:59.807

SOURCES RELEASE DATE

db:VULHUBid:VHN-123437date:2019-05-29T00:00:00
db:VULMONid:CVE-2018-13383date:2019-05-29T00:00:00
db:BIDid:108539date:2019-06-03T00:00:00
db:JVNDBid:JVNDB-2018-015559date:2019-06-12T00:00:00
db:CNNVDid:CNNVD-201904-116date:2019-04-03T00:00:00
db:NVDid:CVE-2018-13383date:2019-05-29T18:29:00.693