all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

FortiManager & FortiAnalyzer - Use of hardcoded credentials in fmgsvrd

Add to bookmarks
Nov. 14, 2023, 8 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

A use of hard-coded credentials [CWE-798] in FortiManager and FortiAnalyzer may allow an attacker to access Fortinet dummy testing data via the use of static credentials. Those credentials have been revoked.

access attacker credentials cwe data fortianalyzer fortimanager fortinet hard hardcoded hard-coded credentials hardcoded credentials may testing

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiMail - User can see and modify address book folders title of other users 3 weeks, 1 day ago | fortiguard.fortinet.com
address attacker authorization book +8
FortiClient (Windows) - DLL Hijacking via openssl.cnf 3 weeks, 1 day ago | fortiguard.fortinet.com
attack attacker cwe dll +14
FortiMail - Login mechanism without rate limitation 3 weeks, 1 day ago | fortiguard.fortinet.com
attack attacker authentication brute +10
FortiOS & FortiProxy - DOS in headers management 3 weeks, 1 day ago | fortiguard.fortinet.com
attack attacker cwe device +13
FortiADC & FortiDDoS-F - CORS: arbitrary origin trusted 3 weeks, 1 day ago | fortiguard.fortinet.com
actions api attacker cors +15
FortiClient (Windows) - Arbitrary file deletion from unprivileged users 3 weeks, 1 day ago | fortiguard.fortinet.com
attacker authorization cwe deletion +9
FortiClient for Windows - Hardcoded credentials in vcm2.exe 3 weeks, 1 day ago | fortiguard.fortinet.com
attacker bypass credentials cwe +8
FortiEDRCollector (Windows) - Protection may be disabled by local attacker 3 weeks, 1 day ago | fortiguard.fortinet.com
access access control attacker control +15
FortiManager & FortiAnalyzer - Use of hardcoded credentials in fmgsvrd 3 weeks, 1 day ago | fortiguard.fortinet.com
access attacker credentials cwe +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Protect Democracy | Remote, US
View on infosec-jobs.com

Sr Staff Software Engineer (L7- Network Security)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

Cyber Threat Analyst, Senior

@ ManTech | 221BQ - Cstmr Site,Springfield,VA
View on infosec-jobs.com

Security Architect

@ Netcompany | Birmingham, United Kingdom
View on infosec-jobs.com

Sr. Security Architect

@ Datavant | Remote, United States
View on infosec-jobs.com

Cybersecurity Services Sales Executive

@ Rockwell Automation | United States of America Milwaukee (South 2nd Street)
View on infosec-jobs.com
View more jobs