A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-18-157 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2019-01-22T14:00:00
Updated: 2024-08-05T09:00:35.217Z
Reserved: 2018-07-06T00:00:00
Link: CVE-2018-13374
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-01-22T14:29:00.220
Modified: 2024-06-28T14:04:14.410
Link: CVE-2018-13374
Redhat
No data.