A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.

Related CVEs

CVE-2023-26204

Key Information

GHSA ID

GHSA-v8v4-f4rj-qhhf

Published

June 13, 2023 9:30 AM

Last Modified

April 4, 2024 4:45 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.