CVE-2018-13384

Severity CVSS v4.0:
Pending analysis
Type:
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
Publication date:
04/06/2019
Last modified:
05/06/2019

Description

A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 6.0.5 (excluding)


References to Advisories, Solutions, and Tools