{"containers": {"cna": {"affected": [{"product": "Fortinet FortiOS", "vendor": "Fortinet, Inc.", "versions": [{"status": "affected", "version": "FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions"}]}], "datePublic": "2018-11-27T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response."}], "problemTypes": [{"descriptions": [{"description": "Information disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-17T14:57:01.000Z", "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet"}, "references": [{"name": "106036", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/106036"}, {"tags": ["x_refsource_MISC"], "url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://fortiguard.com/advisory/FG-IR-18-325"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@fortinet.com", "ID": "CVE-2018-13376", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Fortinet FortiOS", "version": {"version_data": [{"version_value": "FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions"}]}}]}, "vendor_name": "Fortinet, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "references": {"reference_data": [{"name": "106036", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106036"}, {"name": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt", "refsource": "MISC", "url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"}, {"name": "https://fortiguard.com/advisory/FG-IR-18-325", "refsource": "CONFIRM", "url": "https://fortiguard.com/advisory/FG-IR-18-325"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T09:00:35.117Z"}, "title": "CVE Program Container", "references": [{"name": "106036", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/106036"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://fortiguard.com/advisory/FG-IR-18-325"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-24T20:09:58.734329Z", "id": "CVE-2018-13376", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-25T14:31:22.847Z"}}]}, "cveMetadata": {"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "assignerShortName": "fortinet", "cveId": "CVE-2018-13376", "datePublished": "2018-11-27T15:00:00.000Z", "dateReserved": "2018-07-06T00:00:00.000Z", "dateUpdated": "2024-10-25T14:31:22.847Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.securityfocus.com/bid/106036", "name": "106036", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://fortiguard.com/advisory/FG-IR-18-325", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T09:00:35.117Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-13376", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-24T20:09:58.734329Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-25T14:18:09.131Z"}}], "cna": {"affected": [{"vendor": "Fortinet, Inc.", "product": "Fortinet FortiOS", "versions": [{"status": "affected", "version": "FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions"}]}], "datePublic": "2018-11-27T00:00:00.000Z", "references": [{"url": "http://www.securityfocus.com/bid/106036", "name": "106036", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt", "tags": ["x_refsource_MISC"]}, {"url": "https://fortiguard.com/advisory/FG-IR-18-325", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Information disclosure"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2018-12-17T14:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions"}]}, "product_name": "Fortinet FortiOS"}]}, "vendor_name": "Fortinet, Inc."}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/106036", "name": "106036", "refsource": "BID"}, {"url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt", "name": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt", "refsource": "MISC"}, {"url": "https://fortiguard.com/advisory/FG-IR-18-325", "name": "https://fortiguard.com/advisory/FG-IR-18-325", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2018-13376", "STATE": "PUBLIC", "ASSIGNER": "psirt@fortinet.com"}}}}, "cveMetadata": {"cveId": "CVE-2018-13376", "state": "PUBLISHED", "dateUpdated": "2024-10-25T14:31:22.847Z", "dateReserved": "2018-07-06T00:00:00.000Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2018-11-27T15:00:00.000Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "E87EA862-D58B-4C52-BFF0-54B8D01BC569", "versionEndIncluding": "5.2.12", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "4200DCE0-8A28-4E77-A687-E89C582B7D30", "versionEndIncluding": "5.4.7", "versionStartIncluding": "5.4.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "15CA187D-7F6A-454C-9E95-EE61D578EC10", "versionEndIncluding": "5.6.3", "versionStartIncluding": "5.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response."}, {"lang": "es", "value": "Existe una fuga del b\u00fafer de memoria sin inicializar en Fortinet FortiOS, de la versi\u00f3n 5.6.1 a la 5.6.3, de la versi\u00f3n 5.4.6 a la 5.4.7 y en todas las versiones desde la 5.2 bajo las p\u00e1ginas web de renuncia de respuesta del proxy web, lo que podr\u00eda provocar que los datos sensibles se muestren en la respuesta HTTP."}], "id": "CVE-2018-13376", "lastModified": "2024-11-21T03:46:59.020", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-27T15:29:00.227", "references": [{"source": "psirt@fortinet.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106036"}, {"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/advisory/FG-IR-18-325"}, {"source": "psirt@fortinet.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106036"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/advisory/FG-IR-18-325"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}