Home

CVE-2018-13366

Description

An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.237

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2018-13365 ,CVE-2018-13366 ,CVE-2018-9192 ,CVE-2018-9194 are affected in fortios 6.0.1NCM
Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13366)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234