CVE-2018-13371: Input Validation
First published: Thu Apr 02 2020(Updated: )
An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiOS | <=5.4.10 | |
| Fortinet FortiOS | >=5.6.0<=5.6.7 | |
| Fortinet FortiOS | >=6.0.0<=6.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-13371?
CVE-2018-13371 is an external control of system vulnerability in FortiOS that may allow an authenticated regular user to change the routing settings of the device via connecting to the ZebOS component.
How does CVE-2018-13371 affect Fortinet FortiOS?
CVE-2018-13371 affects Fortinet FortiOS versions 5.4.10, 5.6.0 to 5.6.7, and 6.0.0 to 6.0.2.
What is the severity of CVE-2018-13371?
The severity of CVE-2018-13371 is high with a severity score of 8.8.
How can I fix CVE-2018-13371?
To fix CVE-2018-13371, it is recommended to upgrade to a patched version of FortiOS.
Where can I find more information about CVE-2018-13371?
More information about CVE-2018-13371 can be found at the following link: [FortiGuard Advisory FG-IR-18-230](https://fortiguard.com/advisory/FG-IR-18-230).
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/fortinet
- canonical/fortinet fortios
- version/fortinet fortios/5.4.10
- version/fortinet fortios/5.6.0
- version/fortinet fortios/5.6.7
- version/fortinet fortios/6.0.0
- version/fortinet fortios/6.0.2