CVE-2019-6700

CVE Database · CVE-2019-6700

CVE-2019-6700

· MEDIUMModified

CVSS v3.1

6.5

EPSS

0.89%

Published

Jan 7, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and earlier may allow an authenticated attacker to retrieve the external authentication password via the HTML source code.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-200CWE-522

Affected Products (1)

fortinet · fortisiem (up to 5.2.5)vulnerable

References (2)

https://fortiguard.com/advisory/FG-IR-19-100

Vendor Advisory

https://fortiguard.com/advisory/FG-IR-19-100

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs