CVE-2018-13382

Fortinet FortiOS and FortiProxy Improper Authorization

An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password. Vendor/Product: Fortinet FortiOS and FortiProxy. Added to CISA KEV 2022-01-10; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2018-13382