An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, version 5.3.3 and below may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-11-14T18:05:44.008Z

Updated: 2024-08-30T18:12:40.795Z

Reserved: 2023-10-09T08:01:29.296Z

Link: CVE-2023-45585

cve-icon Vulnrichment

Updated: 2024-08-02T20:21:16.654Z

cve-icon NVD

Status : Modified

Published: 2023-11-14T18:15:55.617

Modified: 2024-11-21T08:27:00.600

Link: CVE-2023-45585

cve-icon Redhat

No data.