FortiSIEM Database hard-coded Credentials


A hard-coded password vulnerability in the FortiSIEM database component may allow attackers to access the device database via the use of static credentials.

Affected Products

FortiSIEM 5.2.5 and below


Upgrade to FortiSIEM 5.2.6 or above


Fortinet is pleased to thank "Independent security researcher Srour Ganoush", "CERT CYBERPROTECT" and "Chris Armstrong from CSCI, Inc" for reporting this vulnerability under responsible disclosure, as well as the FortiGuard team.