CVE-2023-26204
published 2023-06-13CVE-2023-26204: A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | 5.3.0 – 5.3.3 | — |
| fortinet | fortisiem | 6.1.0 – 6.1.2 | — |
| fortinet | fortisiem | 6.2.0 – 6.2.1 | — |
| fortinet | fortisiem | 6.3.0 – 6.3.3 | — |
| fortinet | fortisiem | 6.4.0 – 6.4.2 | — |
| fortinet | fortisiem | 6.5.0 – 6.5.1 | — |
| fortinet | fortisiem | 6.6.0 – 6.6.3 | — |
| fortinet | fortisiem | 6.7.0 – 6.7.5 | — |