all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

FortiSIEM - Windows agent password is visible in the logs

Add to bookmarks
Nov. 14, 2023, 8 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs.

access actor agent attacker cwe exposure fortisiem information logs may password sensitive sensitive information visible windows

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiMail - User can see and modify address book folders title of other users 3 weeks, 6 days ago | fortiguard.fortinet.com
address attacker authorization book +8
FortiClient (Windows) - DLL Hijacking via openssl.cnf 3 weeks, 6 days ago | fortiguard.fortinet.com
attack attacker cwe dll +14
FortiMail - Login mechanism without rate limitation 3 weeks, 6 days ago | fortiguard.fortinet.com
attack attacker authentication brute +10
FortiOS & FortiProxy - DOS in headers management 3 weeks, 6 days ago | fortiguard.fortinet.com
attack attacker cwe device +13
FortiADC & FortiDDoS-F - CORS: arbitrary origin trusted 3 weeks, 6 days ago | fortiguard.fortinet.com
actions api attacker cors +15
FortiClient (Windows) - Arbitrary file deletion from unprivileged users 3 weeks, 6 days ago | fortiguard.fortinet.com
attacker authorization cwe deletion +9
FortiClient for Windows - Hardcoded credentials in vcm2.exe 3 weeks, 6 days ago | fortiguard.fortinet.com
attacker bypass credentials cwe +8
FortiEDRCollector (Windows) - Protection may be disabled by local attacker 3 weeks, 6 days ago | fortiguard.fortinet.com
access access control attacker control +15
FortiManager & FortiAnalyzer - Use of hardcoded credentials in fmgsvrd 3 weeks, 6 days ago | fortiguard.fortinet.com
access attacker credentials cwe +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Protect Democracy | Remote, US
View on infosec-jobs.com

Experienced Security Compliance - HITRUST

@ Gainwell Technologies | Any city, TX, US, 99999
View on infosec-jobs.com

24 x 7 Security Analyst

@ LRQA | Birmingham, GB, B37 7ES
View on infosec-jobs.com

Associate Information Security Governance - #catalystWSP

@ Singtel | Singapore, Singapore
View on infosec-jobs.com

Security Consulting and Risk Officer

@ Metrobank | Taguig, Philippines
View on infosec-jobs.com

Security Threat Analyst

@ Metrobank | Taguig, Philippines
View on infosec-jobs.com
View more jobs