CVE-2018-13375

Name of the Vulnerable Software and Affected Versions FortiManager versions 5.6.0 and below FortiAnalyzer versions 5.6.0 and below

Description The issue is related to the failure to protect the web page structure, allowing an attacker to redirect users to a malicious web page. An improper neutralization of script-related HTML tags in FortiAnalyzer and FortiManager enables an attacker to send a DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed when viewing logs in FortiAnalyzer and FortiManager (with the FortiAnalyzer feature enabled).

Recommendations For FortiManager versions 5.6.0 and below, consider disabling the FortiAnalyzer feature until a patch is available. For FortiAnalyzer versions 5.6.0 and below, restrict access to the log viewing functionality to minimize the risk of exploitation. Avoid using the HOSTNAME parameter in DHCP requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.