A vulnerability in Fortinet FortiSIEM that exposes sensitive information to unauthorized actors, allowing the execution of unauthorized code or commands via API requests. This issue affects FortiSIEM versions 6.7.0 through 6.7.4, 6.6.0 through 6.6.3, 6.5.0 through 6.5.1, 6.4.0 through 6.4.2, 6.3.0 through 6.3.3, 6.2.0 through 6.2.1, 6.1.0 through 6.1.2, and versions 5.4.0, 5.3.0 through 5.3.3, 5.2.5 through 5.2.8, 5.2.1 through 5.2.2, and 5.1.0 through 5.1.3.
Exploitation of this vulnerability allows for unauthorized code execution on the affected system.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
