Fortiguard

FortiProxy - Unauthenticated SSL VPN users password modification

Summary

An improper access control vulnerability in FortiProxy SSL VPN web portal may allow an unauthenticated and remote attacker to change local SSL-VPN users' passwords via specially crafted HTTP requests.

Affected Products

FortiProxy version 2.0.0

FortiProxy versions 1.2.8 and below. FortiProxy versions 1.1.6 and below. FortiProxy versions 1.0.7 and below.

Solutions

Please upgrade to FortiProxy versions 1.2.9 or above. Please upgrade to FortiProxy versions 2.0.1 or above.

Acknowledgement

Fortinet is pleased to thank Meh Chang and Orange Tsai from DEVCORE Security Research Team for reporting this vulnerability under responsible disclosure.

IR Number	FG-IR-20-231
Date	Jun 1, 2021
Severity	High
CVSSv3 Score	8.9
Impact	Improper Access Control
CVE ID	CVE-2018-13382
Affected Products	FortiProxy : 2.0.0, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6
CVRF	Download

Network

Files and Endpoint

Application

Additional SOC Services

PSIRT Advisories

FortiProxy - Unauthenticated SSL VPN users password modification

Summary

Affected Products

Solutions

Acknowledgement

News / Research

Network

Files and Endpoint

Application

Additional SOC Services

FortiGate

FortiDeceptor

FortiClient

FortiMail

FortiEDR

FortiADC

FortiAnalyzer

FortiCWP

FortiWeb

FortiNDR

FortiSandBox

FortiTester

Threat Lookup

PSIRT

Resources

PSIRT Advisories

FortiProxy - Unauthenticated SSL VPN users password modification

Summary

Affected Products

Solutions

Acknowledgement