CVE-2018-13367
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI.
Published
2019-08-23T21:15:10.600
Last Modified
2024-11-21T03:46:58.317
Status
Modified
Source
[email protected]
Severity
CVSSv3.0: 5.3 (MEDIUM)
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
- Access Vector: NETWORK
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: PARTIAL
- Integrity Impact: NONE
- Availability Impact: NONE
Exploitability Score
10.0
Impact Score
2.9
Weaknesses
Affected Vendors & Products
| Type |
Vendor |
Product |
Version/Range |
Vulnerable? |
| Operating System |
fortinet
|
fortios
|
≤ 6.2.0 |
Yes
|
References