FortiSIEM Database hard-coded Credentials
A hard-coded password vulnerability in the FortiSIEM database component may allow attackers to access the device database via the use of static credentials.
FortiSIEM 5.2.5 and below
Upgrade to FortiSIEM 5.2.6 or above
Fortinet is pleased to thank "Independent security researcher Srour Ganoush", "CERT CYBERPROTECT" and "Chris Armstrong from CSCI, Inc" for reporting this vulnerability under responsible disclosure, as well as the FortiGuard team.