A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-141 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-13T08:41:46.337Z
Updated: 2024-08-02T11:39:06.667Z
Reserved: 2023-02-20T15:09:20.635Z
Link: CVE-2023-26204
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-06-13T09:15:16.417
Modified: 2023-11-07T04:09:29.907
Link: CVE-2023-26204
Redhat
No data.