PT-2022-5759 · Fortinet · Fortisiem

Published: 2022-11-01 · Updated: 2023-08-08 · CVE-2022-26119

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Fortinet FortiSIEM versions prior to 6.5.0

Description

The issue is related to improper authentication in Fortinet FortiSIEM, allowing a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password. This is due to weaknesses in the authentication procedure and the use of default credentials when connecting to the Glassfish server. Exploitation of this issue may allow an attacker to gain unauthorized access to protected information.

Recommendations

For Fortinet FortiSIEM versions prior to 6.5.0, update to version 6.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the CLI and the Glassfish server to minimize the risk of exploitation. Avoid using default credentials for the Glassfish server connection until the issue is resolved.

Fix

Improper Authentication

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2022-07158
CVE-2022-26119

Affected Products

Fortisiem