An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints.
2023-06-13T09:15:15.653
2024-11-21T07:25:03.170
Modified
CVSSv3.1: 8.1 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | fortinet | fortisiem | ≤ 5.1.3 | Yes |
| Application | fortinet | fortisiem | ≤ 5.3.3 | Yes |
| Application | fortinet | fortisiem | ≤ 6.3.3 | Yes |
| Application | fortinet | fortisiem | 5.2.1 | Yes |
| Application | fortinet | fortisiem | 5.2.2 | Yes |
| Application | fortinet | fortisiem | 5.2.5 | Yes |
| Application | fortinet | fortisiem | 5.2.6 | Yes |
| Application | fortinet | fortisiem | 5.2.7 | Yes |
| Application | fortinet | fortisiem | 5.2.8 | Yes |
| Application | fortinet | fortisiem | 5.4.0 | Yes |
| Application | fortinet | fortisiem | 6.1.0 | Yes |
| Application | fortinet | fortisiem | 6.1.1 | Yes |
| Application | fortinet | fortisiem | 6.1.2 | Yes |
| Application | fortinet | fortisiem | 6.2.0 | Yes |
| Application | fortinet | fortisiem | 6.2.1 | Yes |
| Application | fortinet | fortisiem | 6.4.0 | Yes |
| Application | fortinet | fortisiem | 6.4.1 | Yes |
| Application | fortinet | fortisiem | 6.4.2 | Yes |
| Application | fortinet | fortisiem | 6.5.0 | Yes |
| Application | fortinet | fortisiem | 6.5.1 | Yes |
| Application | fortinet | fortisiem | 6.6.0 | Yes |
| Application | fortinet | fortisiem | 6.6.1 | Yes |
| Application | fortinet | fortisiem | 6.6.2 | Yes |
| Application | fortinet | fortisiem | 6.6.3 | Yes |
| Application | fortinet | fortisiem | 6.7.0 | Yes |