#VU18607 Improper Authorization in FortiOS - CVE-2018-13382
Published: May 27, 2019 / Updated: February 20, 2022
Vulnerability identifier: #VU18607
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2018-13382
CWE-ID: CWE-285
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vulnerable software:
FortiOS
Software vendor:
Fortinet, Inc
Description
The vulnerability allows a remote attacker to bypass authorization.
The vulnerability exists due to an unspecified error within the SSL VPN web portal when processing HTTP requests. A remote non-authenticated attacker can send a specially crafted HTTP request to the SSL VPN web portal and change the password of an arbitrary account.
Successful exploitation of the vulnerability may allow an attacker to log in to the SSL VPN web portal with the new password and gain unauthorized access to network resources.
Remediation
Install updates from the vendor's website.
As a workaround, the vendor recommends disabling the SSL-VPN web portal service:
config vpn ssl settings
unset source-interface
end
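A configuration audit for the workaround above, added here as an example (it is not code from the advisory or from Fortinet): it parses a FortiOS configuration dump and reports which interfaces the SSL-VPN portal is still bound to, so an administrator can verify that `unset source-interface` actually took effect. The sample config blocks are constructed; the nested authentication-rule block is included only to show that sub-blocks do not end parsing early.

```python
import re

# Constructed sample of a FortiOS config backup BEFORE the workaround:
# the SSL-VPN web portal is bound to two interfaces.
BEFORE_WORKAROUND = """\
config vpn ssl settings
    set servercert "Fortinet_Factory"
    set source-interface "wan1" "wan2"
    set source-address "all"
    config authentication-rule
        edit 1
            set groups "sslvpn-users"
        next
    end
end
"""

# Constructed sample AFTER "unset source-interface": with no binding the
# portal is not reachable from any interface.
AFTER_WORKAROUND = BEFORE_WORKAROUND.replace(
    '    set source-interface "wan1" "wan2"\n', "")

def ssl_vpn_settings(config_text):
    """Top-level 'set' entries of the 'config vpn ssl settings' block.
    Nested blocks are skipped by tracking depth so their 'end' does not
    terminate parsing; values are unquoted and returned as lists."""
    settings, in_block, depth = {}, False, 0
    for raw in config_text.splitlines():
        line = raw.strip()
        if not in_block:
            in_block = line == "config vpn ssl settings"
            continue
        if line.startswith("config "):
            depth += 1
        elif line == "end":
            if depth == 0:
                break
            depth -= 1
        elif depth == 0 and line.startswith("set "):
            key, _, value = line[4:].partition(" ")
            settings[key] = [v.strip('"') for v in re.findall(r'"[^"]*"|\S+', value)]
    return settings

def ssl_vpn_portal_interfaces(config_text):
    """Interfaces the SSL-VPN portal listens on; empty means the workaround is in place."""
    return ssl_vpn_settings(config_text).get("source-interface", [])

if __name__ == "__main__":
    print("before:", ssl_vpn_portal_interfaces(BEFORE_WORKAROUND))  # ['wan1', 'wan2']
    print("after: ", ssl_vpn_portal_interfaces(AFTER_WORKAROUND))   # []
```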