CPE-1859B3D5-51AA-4AB8-9B8A-A0A101742B43 Détail

CPE Details

Fortinet FortiSIEM 5.3.2

Vendor

fortinet

Product

fortisiem

Version

5.3.2

Created

2022-11-02
15h28 +00:00

Modifié

2022-11-02
15h30 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:fortinet:fortisiem:5.3.2:::::::*

Informations

Vendor

fortinet

Product

fortisiem

Version

5.3.2

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2023-45585	2023-11-14 18h05 +00:00	An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, version 5.3.3 and below may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage.	3.3	Bas
CVE-2023-36553	2023-11-14 18h05 +00:00	A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 and 5.0.0 through 5.0.1 and 4.10.0 and 4.9.0 and 4.7.2 allows attacker to execute unauthorized code or commands via crafted API requests.	9.8	Critique
CVE-2023-26204	2023-06-13 08h41 +00:00	A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.	9.8	Critique
CVE-2022-43949	2023-06-13 08h41 +00:00	A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1 allows a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods.	7.5	Haute
CVE-2022-42478	2023-06-13 08h41 +00:00	An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints.	8.8	Haute
CVE-2022-26119	2022-11-01 23h00 +00:00	A improper authentication vulnerability in Fortinet FortiSIEM before 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password.	7.8	Haute

Fortinet FortiSIEM 5.3.2

CPE Details

CPE Name: cpe:2.3:a:fortinet:fortisiem:5.3.2:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:fortinet:fortisiem:5.3.2:::::::*