THREATOPS
THREAT OPSCVEs › CVE-2018-13374

CVE-2018-13374 — Fortinet FortiOS and FortiADC Improper Access Control Vulnerability

CISA KEVExploited: confirmedFortinet

Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.

Vulnerability details