CVE-2018-13376

Summary

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.

Affected Software

VendorProductVersion RangeStatus
Fortinet, Inc.Fortinet FortiOSFortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versionsaffected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References