Fortinet FortiSIEM 6.5.2

CPE Details

Fortinet FortiSIEM 6.5.2
fortinet
fortisiem
6.5.2
2024-02-08
14h18 +00:00
2024-02-08
14h18 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:fortinet:fortisiem:6.5.2:*:*:*:*:*:*:*

Informations

Vendor

fortinet

Product

fortisiem

Version

6.5.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-52969 2025-01-14 14h08 +00:00 An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.0, version 7.0.3 and below, version 6.7.9 and below, 6.7.8, version 6.6.5 and below, version 6.5.3 and below, version 6.4.4 and below Update/Create Case feature may allow an authenticated attacker to extract database information via crafted requests.
6.5
Medium
CVE-2024-23108 2024-02-05 13h26 +00:00 An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests.
10
Critical
CVE-2024-23109 2024-02-05 13h26 +00:00 An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests.
10
Critical