VYPR
Unrated severityNVD Advisory· Published Jun 13, 2023· Updated Oct 22, 2024

CVE-2023-26204

CVE-2023-26204

Description

A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.

Affected products

2
  • Fortinet/FortiSIEMllm-fuzzy2 versions
    <=6.7,<=6.6,<=6.5,<=6.4,<=6.3,<=6.2,<=6.1,<=5.4,<=5.3+ 1 more
    • (no CPE)range: <=6.7,<=6.6,<=6.5,<=6.4,<=6.3,<=6.2,<=6.1,<=5.4,<=5.3
    • (no CPE)range: 6.7.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.