Vulnerabilities > Fortinet > Fortisiem > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-13 | CVE-2022-42478 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortisiem An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints. | 8.8 |
2023-06-13 | CVE-2022-43949 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Fortinet Fortisiem A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1 allows a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods. | 7.5 |
2022-11-02 | CVE-2022-26119 | Use of Hard-coded Credentials vulnerability in Fortinet Fortisiem A improper authentication vulnerability in Fortinet FortiSIEM before 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password. | 7.8 |
2020-01-23 | CVE-2019-16153 | Use of Hard-coded Credentials vulnerability in Fortinet Fortisiem A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials. | 7.5 |