cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-26119,https://securityvulnerability.io/vulnerability/CVE-2022-26119,Improper Authentication in Fortinet FortiSIEM Affects Glassfish Server,"An improper authentication vulnerability in Fortinet's FortiSIEM prior to version 6.5.0 allows local attackers with CLI access to interact directly with the Glassfish server using a hardcoded password. This flaw opens avenues for unauthorized operations within the network, potentially leading to further exploitation if not promptly addressed.",Fortinet,Fortinet Fortisiem,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-11-02T00:00:00.000Z,0
CVE-2019-17653,https://securityvulnerability.io/vulnerability/CVE-2019-17653,Cross-Site Request Forgery Vulnerability in Fortinet FortiSIEM,"A Cross-Site Request Forgery (CSRF) vulnerability exists in the user interface of Fortinet's FortiSIEM 5.2.5. This security flaw enables a remote, unauthenticated attacker to execute arbitrary actions on behalf of authenticated users. By enticing a victim to click on a malicious link, attackers can exploit active user sessions, creating potential risks for data manipulation and unauthorized access.",Fortinet,Fortinet Fortisiem,8.8,HIGH,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-03-12T22:07:43.000Z,0
CVE-2019-17651,https://securityvulnerability.io/vulnerability/CVE-2019-17651,Stored Cross Site Scripting Vulnerability in FortiSIEM by Fortinet,"An improper neutralization of input vulnerability exists in FortiSIEM that affects the description and title parameters in the Device Maintenance Schedule. This flaw can be exploited by a remote, authenticated attacker to execute a Stored Cross-Site Scripting (XSS) attack. By injecting malicious JavaScript into the description field, the attacker can execute arbitrary scripts within the context of a user’s session, potentially leading to unauthorized actions or data exposure.",Fortinet,Fortinet Fortisiem,5.4,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2020-01-28T00:44:30.000Z,0
CVE-2019-16153,https://securityvulnerability.io/vulnerability/CVE-2019-16153,Hard-Coded Password Vulnerability in Fortinet FortiSIEM Database Component,"A hard-coded password vulnerability exists in the Fortinet FortiSIEM database component, specifically in versions 5.2.5 and earlier. This flaw allows unauthorized access to the device's database through the exploitation of static credentials, enabling potential attackers to bypass security measures and gain access to sensitive information.",Fortinet,Fortinet Fortisiem,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2020-01-23T16:39:59.000Z,0
CVE-2019-6700,https://securityvulnerability.io/vulnerability/CVE-2019-6700,Information Exposure Vulnerability in FortiSIEM by Fortinet,"An information exposure vulnerability exists in FortiSIEM that could allow an authenticated attacker to access sensitive data, specifically the external authentication password, through the HTML source code of the external authentication profile form. This could lead to unauthorized access and potential compromise of the authenticated sessions.",Fortinet,Fortinet Fortisiem,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2020-01-07T18:19:04.000Z,0
CVE-2018-13378,https://securityvulnerability.io/vulnerability/CVE-2018-13378,Information Disclosure Vulnerability in Fortinet FortiSIEM Affected by LDAP Password Exposure,"An information disclosure vulnerability exists in Fortinet's FortiSIEM 5.2.0 and earlier versions. This flaw allows unauthorized access to the plaintext password of the LDAP server through the HTML source code, potentially exposing sensitive authentication credentials. Organizations using these versions are urged to assess their security posture and apply necessary mitigations.",Fortinet,Fortinet Fortisiem,7.2,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2019-04-17T14:41:29.000Z,0