A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-18-387 | Mitigation Vendor Advisory |
https://fortiguard.com/advisory/FG-IR-20-232 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Mar 2021, 02:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://fortiguard.com/advisory/FG-IR-20-232 - Vendor Advisory |
09 Mar 2021, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads. | |
References |
|
|
Information
Published : 2019-06-04 21:29
Updated : 2023-12-10 12:59
NVD link : CVE-2018-13381
Mitre link : CVE-2018-13381
CVE.ORG link : CVE-2018-13381
JSON object : View
Products Affected
fortinet
- fortiproxy
- fortios
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer