COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2018-13382

CVE-2018-13382

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-01-10
Reference
https://nvd.nist.gov/vuln/detail/CVE-2018-13382
⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wild

An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.

Players implicated

Fortinet · vendorFortiOS and FortiProxy · product

Description

An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.