An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
Metrics
Affected Vendors & Products
References
History
Wed, 23 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2019-06-04T20:18:08
Updated: 2024-10-23T13:32:35.204Z
Reserved: 2018-07-06T00:00:00
Link: CVE-2018-13379
Vulnrichment
Updated: 2024-08-05T09:00:35.028Z
NVD
Status : Analyzed
Published: 2019-06-04T21:29:00.233
Modified: 2024-10-24T13:58:45.053
Link: CVE-2018-13379
Redhat
No data.