CVE-2018-13383

Fortinet FortiOS and FortiProxy Out-of-bounds Write

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

Attend

*SSVC

Descriptions

A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.

Un desbordamiento del búfer de la pila en Fortinet FortiOS versión 6.0.0 hasta 6.0.4, versión 5.6.0 hasta 5.6.10, versión 5.4.0 hasta 5.4.12, versión 5.2.14 y anteriores y FortiProxy versión 2.0.0, versión 1.2.8 y anteriores en el portal web de SSL VPN puede provocar la finalización del servicio web de SSL VPN para los usuarios registrados debido a un fallo en el manejo de los datos href de javascript al proxiar las páginas web

A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

Active

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2018-07-06 CVE Reserved
2019-05-29 CVE Published
2022-01-10 Exploited in Wild
2022-07-10 KEV Due Date
2023-05-22 EPSS Updated
2024-10-23 CVE Updated
---------- First Exploit

CWE

CWE-787: Out-of-bounds Write

CAPEC

References (2)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://fortiguard.com/advisory/FG-IR-18-388	2021-03-16
https://fortiguard.com/advisory/FG-IR-20-229	2021-03-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Fortinet Search vendor "Fortinet"		Fortiproxy Search vendor "Fortinet" for product "Fortiproxy"				<= 1.2.8 Search vendor "Fortinet" for product "Fortiproxy" and version " <= 1.2.8"		-		Affected
Fortinet Search vendor "Fortinet"		Fortiproxy Search vendor "Fortinet" for product "Fortiproxy"				2.0.0 Search vendor "Fortinet" for product "Fortiproxy" and version "2.0.0"		-		Affected
Fortinet Search vendor "Fortinet"		Fortios Search vendor "Fortinet" for product "Fortios"				<= 5.2.14 Search vendor "Fortinet" for product "Fortios" and version " <= 5.2.14"		-		Affected
Fortinet Search vendor "Fortinet"		Fortios Search vendor "Fortinet" for product "Fortios"				>= 5.4.0 <= 5.4.12 Search vendor "Fortinet" for product "Fortios" and version " >= 5.4.0 <= 5.4.12"		-		Affected
Fortinet Search vendor "Fortinet"		Fortios Search vendor "Fortinet" for product "Fortios"				>= 5.6.0 <= 5.6.10 Search vendor "Fortinet" for product "Fortios" and version " >= 5.6.0 <= 5.6.10"		-		Affected
Fortinet Search vendor "Fortinet"		Fortios Search vendor "Fortinet" for product "Fortios"				>= 6.0.0 <= 6.0.4 Search vendor "Fortinet" for product "Fortios" and version " >= 6.0.0 <= 6.0.4"		-		Affected