On November 14, Fortinet released an advisory regarding a critical vulnerability affecting FortiSIEM which may allow a remote unauthenticated attacker to execute unauthorised commands via crafted API requests.

FortiSIEM Vulnerability

FortiSIEM Vulnerability

History

• 20/11/2023 - v1.0 - Initial publication
• 21/11/2023 - v1.1 - Correction of the CVE ID

Summary

On November 14, Fortinet released an advisory regarding a critical vulnerability affecting FortiSIEM which may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API requests[1].

Technical Details

The vulnerability CVE-2023-36553, with a CVSS score of 9.3 out of 10, is due to an improper neutralization of special elements in FortiSIEM report server. The exploitation of this vulnerability by a remote unauthenticated attacker could lead to the execution of unauthorized commands via crafted API requests.

Affected Products

This vulnerability affects the following versions of FortiSIEM:

• FortiSIEM 5.4 all versions
• FortiSIEM 5.3 all versions
• FortiSIEM 5.2 all versions
• FortiSIEM 5.1 all versions
• FortiSIEM 5.0 all versions
• FortiSIEM 4.10 all versions
• FortiSIEM 4.9 all versions
• FortiSIEM 4.7 all versions

Recommendations

It is recommended to update FortiSIEM to the latest version as soon as possible[1].

References

• [1] https://www.fortiguard.com/psirt/FG-IR-23-135

This post was generated entirely by an AI language model. Source: https://cert.europa.eu/