Intrusion PreventionFortiOS.SSL.VPN.Web.Portal.Password.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in FortiOS.
The vulnerability is due to an error in the vulnerable application when handling requests. An unauthenticated attacker can exploit this to modify the password of an SSL VPN user via a crafted request.
Affected Products
FortiOS 6.0.0 to 6.0.4 with SSL VPN Service enabled
FortiOS 5.6.0 to 5.6.8 with SSL VPN Service enabled
FortiOS 5.4.1 to 5.4.10 with SSL VPN Service enabled
Impact
Security Bypass: Remote attackers can bypass security mechanism on vulnerable systems
Recommended Actions
Apply the most recent upgrade or patch from the vendor. Or follow work around provided by the vendor.
https://fortiguard.com/psirt/FG-IR-18-389
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-03-21 | 27.753 | Name:FortiOS. SSL. VPN. Web. Portal. Password. Improper. Authentication:FortiOS. SSL. VPN. Web. Portal. Password. Authentication. Bypass |
| 2019-12-10 | 15.741 | Default_action:pass:drop |
| 2019-08-28 | 14.678 |
References
FG-IR-18-389| ID | 48324 |
| Created | Aug 29, 2019 |
| Updated | Mar 20, 2024 |
| Risk |
|
| CVE ID | CVE-2018-13382 |
| Known Exploited | Yes |
| Exploit Prediction Score | 88.7% |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Other |