Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisiem vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41676
An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0.0 and prior to 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs.
Fortinet Fortisiem
Fortinet Fortisiem 7.0.0
NA
CVE-2023-36553
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 up to and including 5.3.3 and 5.2.5 up to and including 5.2.8 and 5.2.1 up to and including 5.2.2 and 5.1.0 up to and including 5.1...
Fortinet Fortisiem 5.2.5
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 5.2.2
Fortinet Fortisiem 5.2.1
Fortinet Fortisiem
Fortinet Fortisiem 5.0.0
Fortinet Fortisiem 5.0.1
Fortinet Fortisiem 5.2.6
Fortinet Fortisiem 5.2.7
Fortinet Fortisiem 5.2.8
Fortinet Fortisiem 4.9.0
Fortinet Fortisiem 4.7.2
Fortinet Fortisiem 4.10.0
Fortinet Fortisiem 5.3.0
Fortinet Fortisiem 5.3.1
Fortinet Fortisiem 5.3.2
Fortinet Fortisiem 5.3.3
NA
CVE-2023-45585
An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, v...
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.6.0
Fortinet Fortisiem 6.6.1
Fortinet Fortisiem 6.6.2
Fortinet Fortisiem 6.6.3
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem 6.1.0
Fortinet Fortisiem 6.1.1
Fortinet Fortisiem 6.1.2
Fortinet Fortisiem 7.0.0
Fortinet Fortisiem 6.3.0
Fortinet Fortisiem 6.3.1
Fortinet Fortisiem 6.3.2
Fortinet Fortisiem 6.3.3
NA
CVE-2023-34992
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 up to and including 6.7.5 and 6.6.0 up to and including 6.6.3 and 6.5.0 up to and including 6.5.1 and 6.4.0 up to and including 6.4...
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem
Fortinet Fortisiem 7.0.0
1 Github repository
3 Articles
NA
CVE-2023-36551
A exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 up to and including 6.7.5 allows malicious user to information disclosure via a crafted http request.
Fortinet Fortisiem
NA
CVE-2022-43949
A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM prior to 6.7.1 allows a remote unauthenticated malicious user to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods.
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 6.7.0
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem 6.1.0
Fortinet Fortisiem 6.1.1
Fortinet Fortisiem 6.1.2
Fortinet Fortisiem 6.7.1
NA
CVE-2022-42478
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints.
Fortinet Fortisiem 5.2.5
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 5.2.2
Fortinet Fortisiem 5.2.1
Fortinet Fortisiem 6.7.0
Fortinet Fortisiem 6.6.0
Fortinet Fortisiem 6.6.1
Fortinet Fortisiem 6.6.2
Fortinet Fortisiem 6.6.3
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem 5.2.6
Fortinet Fortisiem 5.2.7
Fortinet Fortisiem 5.2.8
Fortinet Fortisiem 6.1.0
Fortinet Fortisiem 6.1.1
NA
CVE-2023-26204
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB con...
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem 6.1.0
Fortinet Fortisiem 6.1.1
Fortinet Fortisiem 6.1.2
NA
CVE-2022-26119
A improper authentication vulnerability in Fortinet FortiSIEM prior to 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password.
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 5.2.2
Fortinet Fortisiem 5.2.1
Fortinet Fortisiem 5.0.0
Fortinet Fortisiem 5.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2