Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2023-36553
Disclosure Date: November 14, 2023 (last updated November 21, 2023)
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 and 5.0.0 through 5.0.1 and 4.10.0 and 4.9.0 and 4.7.2 allows attacker to execute unauthorized code or commands via crafted API requests.
0
Attacker Value
Unknown
CVE-2022-42478
Disclosure Date: June 13, 2023 (last updated October 08, 2023)
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints.
0
Attacker Value
Unknown
CVE-2019-17653
Disclosure Date: March 12, 2020 (last updated February 21, 2025)
A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated user's session by persuading the victim to follow a malicious link.
0