FortiSIEM - Windows agent password is visible in the logs

Nov. 14, 2023, 8 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs.

access actor agent attacker cwe exposure fortisiem information logs may password sensitive sensitive information visible windows

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiOS - Web server ETag exposure 1 month ago | fortiguard.fortinet.com

actor attacker cwe device +17

FortiSandbox - Arbitrary file read on endpoint 1 month ago | fortiguard.fortinet.com

arbitrary files attacker cwe directory +12

FortiNAC-F - Lack of certificate validation 1 month ago | fortiguard.fortinet.com

attack attacker certificate channel +12

FortiOS - Format String in CLI command 1 month ago | fortiguard.fortinet.com

access admin arbitrary code attacker +16

FortiOS & FortiProxy - administrator cookie leakage 1 month ago | fortiguard.fortinet.com

administrator attacker conditions cookie +10

FortiSandbox - Arbitrary file delete on endpoint 1 month ago | fortiguard.fortinet.com

arbitrary files attacker cwe delete +13

FortiClientMac - Lack of configuration file validation 1 month ago | fortiguard.fortinet.com

arbitrary code attacker code configuration +15

FortiManager - Code Injection via Jinja Template 1 month ago | fortiguard.fortinet.com

arbitrary code attacker code code injection +11

FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution 1 month ago | fortiguard.fortinet.com

access admin arbitrary code arbitrary code execution +16

G230ISSO2 - Mid Level Information System Security Officer - Cleared

@ NiSUS Technologies | Annapolis Junction, Maryland, United States

View on infosec-jobs.com

Security Incident Response Engineer

@ Oracle | JALISCO, Mexico

View on infosec-jobs.com

Security Compliance Specialist

@ Cloudflare, Inc. | Hybrid or Remote

View on infosec-jobs.com

Senior Security DevOps

@ SAP | Sofia, BG, 1407

View on infosec-jobs.com

Senior Cyber Security Engineer

@ Node.Digital | Dulles, Virginia, United States

View on infosec-jobs.com

Manager, Data Insights and Forensics

@ Kroll | New York City, United States

View on infosec-jobs.com

View more jobs

all InfoSec news

FortiSIEM - Windows agent password is visible in the logs

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

Jobs in InfoSec / Cybersecurity

G230ISSO2 - Mid Level Information System Security Officer - Cleared

Security Incident Response Engineer

Security Compliance Specialist

Senior Security DevOps

Senior Cyber Security Engineer

Manager, Data Insights and Forensics