Описание
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests.
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-13382
- https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-Fortigate-ssl-vpn
- https://fortiguard.com/advisory/FG-IR-18-389
- https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-13382
- https://www.fortiguard.com/psirt/FG-IR-20-231
- http://packetstormsecurity.com/files/160130/Fortinet-FortiOS-6.0.4-Password-Modification.html
- http://www.securityfocus.com/bid/108697
Связанные уязвимости
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
Уязвимость SSL VPN веб-портала операционной системы FortiOS, связанная с ошибками в работе механизма авторизации на веб-портале, позволяющая нарушителю изменить пароль пользователя веб-портала