CVE-2018-13367

Name of the Vulnerable Software and Affected Versions FortiOS versions 6.2.3, 6.2.0 and below

Description An information exposure issue may allow an unauthenticated attacker to gain platform information, such as version and models, by parsing a JavaScript file through the admin webUI.

Recommendations For FortiOS versions 6.2.3, 6.2.0 and below, consider restricting access to the admin webUI to minimize the risk of exploitation. As a temporary workaround, consider disabling JavaScript file parsing in the admin webUI until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.