Fortinet: >> Fortisiem >> 6.7.5 Security Vulnerabilities
A exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.5 allows attacker to information disclosure via a crafted http request.
CVSS Score
4.3
EPSS Score
0.005
Published
2023-09-13
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.
CVSS Score
3.7
EPSS Score
0.002
Published
2023-06-13
Page 2