Nov. 14, 2023, 8 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories

An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage.

cwe debug elasticsearch encrypted event file files fortisiem generated information log log files logs may password sensitive sensitive information storage vulnerability

Security Specialist

@ Protect Democracy | Remote, US

Sr Staff Software Engineer (L7- Network Security)

@ Palo Alto Networks | Santa Clara, CA, United States

Cyber Threat Analyst, Senior

@ ManTech | 221BQ - Cstmr Site,Springfield,VA

Security Architect

@ Netcompany | Birmingham, United Kingdom

Sr. Security Architect

@ Datavant | Remote, United States

Cybersecurity Services Sales Executive

@ Rockwell Automation | United States of America Milwaukee (South 2nd Street)