CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1360

A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to retrieve the admin password via intercepting REST API JSON responses.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.8%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 4.3

References

Products affected by CVE-2018-1360

Fortinet » Fortimanager » Version: 5.2.0

cpe:2.3:a:fortinet:fortimanager:5.2.0
Fortinet » Fortimanager » Version: 5.2.1

cpe:2.3:a:fortinet:fortimanager:5.2.1
Fortinet » Fortimanager » Version: 5.2.2

cpe:2.3:a:fortinet:fortimanager:5.2.2
Fortinet » Fortimanager » Version: 5.2.3

cpe:2.3:a:fortinet:fortimanager:5.2.3
Fortinet » Fortimanager » Version: 5.2.4

cpe:2.3:a:fortinet:fortimanager:5.2.4
Fortinet » Fortimanager » Version: 5.2.6

cpe:2.3:a:fortinet:fortimanager:5.2.6
Fortinet » Fortimanager » Version: 5.2.7

cpe:2.3:a:fortinet:fortimanager:5.2.7
Fortinet » Fortimanager » Version: 5.4.0

cpe:2.3:a:fortinet:fortimanager:5.4.0
Fortinet » Fortimanager » Version: 5.4.1

cpe:2.3:a:fortinet:fortimanager:5.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1360

Products

Pricing

Contact Us