Information disclosure in FortiOS - CVE-2018-13374
Published: November 29, 2018 / Updated: September 8, 2022
Vulnerability identifier: #VU16172
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear
CVE-ID: CVE-2018-13374
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: Fortinet, Inc
Affected software:
FortiOS
FortiOS
Detailed vulnerability description
The vulnerability allows a local attacker with admin privileges to obtain potentially sensitive information.
The weakness exists due to information exposure. A Fortigate's read-only admin can point a LDAP server connectivity test request to a rogue LDAP server instead of the configured one to obtain the LDAP server login credentials configured in the FortiGate.
The weakness exists due to information exposure. A Fortigate's read-only admin can point a LDAP server connectivity test request to a rogue LDAP server instead of the configured one to obtain the LDAP server login credentials configured in the FortiGate.
How to mitigate CVE-2018-13374
Update to version 6.0.3.