FortiSIEM Injection Flaw: Let Attackers Execute Malicious Commands

Fortinet notifies users of a critical OS command injection vulnerability in the FortiSIEM report server that might enable an unauthenticated, remote attacker to execute malicious commands via crafted API requests. FortiSIEM is Fortinet’s security information and event management (SIEM) solution, which assists in identifying insider and incoming threats that could pass standard defenses.  “An improper […]

The post FortiSIEM Injection Flaw: Let Attackers Execute Malicious Commands appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform …

api attacker attackers command command injection critical cve cyber security enable event event management flaw fortinet fortisiem fortisiem injection flaw information injection injection flaw insider malicious malicious commands management pass report requests security server siem solution standard threats unauthenticated vulnerability