FortiSIEM - plaintext storage of sensitive data in Windows Agent
Summary
A plaintext storage of a password vulnerability [CWE-256] in the FortiSIEM Windows Agent may allow an authenticated user to impersonate the agent registered to the Supervisor via reading specific log files.
Affected Products
FortiSIEM Windows Agent version 4.1.4 and below.
FortiSIEM Windows Agent version 4.0.0.
FortiSIEM Windows Agent version 3.3.0.
FortiSIEM Windows Agent version 3.2.2 and below.
FortiSIEM Windows Agent version 3.1.2 and below.
Solutions
Upgrade to FortiSIEM Windows Agent version 4.1.5Â or above.
Acknowledgement
Internally discovered and reported by Oleksii
Mandrychenko and Damnjan Nikolic of Fortinet TAC team.