CVE-2018-13365

MEDIUM

Fortinet FortiOS < 5.6.5 - Information Exposure via Application Control Block Page

Title source: llm

Description

An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://fortiguard.com/advisory/FG-IR-18-085

Scores

CVSS v3 5.3

EPSS 0.0024

EPSS Percentile 46.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (1)

fortinet/fortios < 5.6.5

Published May 29, 2019

Tracked Since Feb 18, 2026