CVE-2024-55592

Name of the Vulnerable Software and Affected Versions: FortiSIEM versions 5.3 through 7.2

Description: The issue is related to an incorrect authorization vulnerability that may allow an authenticated attacker to perform unauthorized operations on incidents via crafted HTTP requests.

Recommendations: For FortiSIEM versions 5.3 through 7.2, consider restricting access to incident management features until a patch is available. As a temporary workaround, limit the ability to send crafted HTTP requests to minimize the risk of exploitation. Avoid using vulnerable API endpoints related to incident operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.