PT-2023-3232 · Fortinet · FortiSIEM

Published 2023-06-12 · Updated 2023-06-17 · CVE-2022-43949

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Fortinet FortiSIEM versions prior to 6.7.1

Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a remote unauthenticated attacker to perform brute force attacks on GUI endpoints by taking advantage of outdated hashing methods. This can potentially allow an attacker to disclose protected information.

Recommendations: For Fortinet FortiSIEM versions prior to 6.7.1, update to version 6.7.1 or later to resolve the issue. As a temporary workaround, consider restricting access to GUI endpoints to minimize the risk of exploitation.

Fix

Use of a Broken Cryptographic Algorithm

Weakness Enumeration

Related Identifiers

BDU:2023-03353
CVE-2022-43949

Affected Products

FortiSIEM