A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-141 |
History
Tue, 22 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-13T08:41:46.337Z
Updated: 2024-10-22T20:45:34.996Z
Reserved: 2023-02-20T15:09:20.635Z
Link: CVE-2023-26204
Vulnrichment
Updated: 2024-08-02T11:39:06.667Z
NVD
Status : Modified
Published: 2023-06-13T09:15:16.417
Modified: 2023-11-07T04:09:29.907
Link: CVE-2023-26204
Redhat
No data.