CVE-2023-26204
3.7LOWA plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4
Опубликовано: 6/13/2023Обновлено: 11/21/2024
Описание
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.
ИИ-АнализНа базе ИИ
Затронутые продукты
fortinetfortisiem
fortinetfortisiem
fortinetfortisiem
fortinetfortisiem
fortinetfortisiem
5.4.0
fortinetfortisiem
6.1.0
fortinetfortisiem
6.1.1
fortinetfortisiem
6.1.2
fortinetfortisiem
6.2.0
fortinetfortisiem
6.2.1
fortinetfortisiem
6.4.0
fortinetfortisiem
6.4.1
fortinetfortisiem
6.4.2
fortinetfortisiem
6.5.0
fortinetfortisiem
6.5.1
Ссылки
- https://fortiguard.com/psirt/FG-IR-21-141Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-21-141Vendor Advisory