Vulnerability Database

311,377

Total vulnerabilities in the database

CVE-2018-1360

A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to retrieve the admin password via intercepting REST API JSON responses.

  • Published: Apr 25, 2019
  • Updated: Nov 9, 2025
  • CVE: CVE-2018-1360
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
fortinet / fortimanager 5.4.1 5.4.1.x
fortinet / fortimanager 5.4.0 5.4.0.x
fortinet / fortimanager 5.2.0 5.2.7.x