CVE-2019-17659
published 2025-03-17CVE-2019-17659: A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote unauthenticated attacker to obtain SSH access to the…
high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user "tunneluser" by leveraging knowledge of the private key from another installation or a firmware image.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortisiem | < 5.2.7 | 5.2.7 |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |