CVE-2018-13374

Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server. Vendor/Product: Fortinet FortiOS and FortiADC. Added to CISA KEV 2022-09-08; required action: Apply updates per vendor instructions.