OS Command Injection Vulnerability in Fortinet FortiSIEM
CVE-2023-36553
9.3 CRITICAL
Key Information:
Badges
News Worthy
Summary
An OS command injection vulnerability exists in Fortinet FortiSIEM, affecting multiple versions, which allows attackers to execute unauthorized commands or code through specially crafted API requests. This could lead to potential security breaches, allowing attackers to manipulate system behavior or access sensitive information. It is essential to apply the latest updates and patches to safeguard against such vulnerabilities.
Affected Version(s)
FortiSIEM 5.4.0
FortiSIEM 5.3.0 <= 5.3.3
FortiSIEM 5.2.5 <= 5.2.8
News Articles
CybersecurityNews, CVE-2023-36553
FortiSIEM Injection Flaw Let Attackers Execute Malicious Commands
Cybersecurity researchers identified a FortiSIEM injection flaw that lets attackers execute malicious commands and is tracked as "CVE-2023-36553."
1 year ago
CVSS V3.1
Score: 9.3
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
- First article discovered by CybersecurityNews
- Vulnerability published
- Vulnerability Reserved