← Back to CVE List

CVE-2018-13382

Published: 2019-06-04T21:29Z
Last Modified: 2025-01-27T21:30Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests > MITRE Terms of Use apply – see LICENSE‑MITRE.txt