FortiSIEM - multiple path traversal vulnerabilities

Summary

A relative path traversal vulnerability [CWE-23] in FortiSIEM file upload components may allow an authenticated, low-privileged user of the FortiSIEM GUI to escalate their privileges and overwrite arbitrary files on the underlying filesystem via specially crafted HTTP requests. The root cause is that a caller-controlled file name containing "../" segments is joined onto the intended upload directory without being validated, so the resulting path resolves outside that directory.
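The following is an added illustrative example, not FortiSIEM code and not derived from the affected components: it shows the generic CWE-23 pattern the summary describes (a user-supplied file name joined onto an upload root) beside a hardened handler. The upload root, function names and sample file names are assumptions for the demonstration.

```python
import posixpath
from urllib.parse import unquote

# Hypothetical upload directory used for the demonstration; not taken from FortiSIEM.
UPLOAD_ROOT = "/opt/app/uploads"


def naive_upload_path(filename: str) -> str:
    """Vulnerable pattern (CWE-23): the caller-supplied name is joined onto the
    upload root with no validation, so '../' segments walk out of the root."""
    return posixpath.normpath(posixpath.join(UPLOAD_ROOT, filename))


def is_within_root(candidate: str, root: str = UPLOAD_ROOT) -> bool:
    """True only if the normalized candidate lies strictly inside root.

    commonpath compares whole path components, so '/opt/app/uploads_evil/x' is
    rejected, whereas a plain str.startswith(root) check would accept it."""
    cand = posixpath.normpath(candidate)
    root = posixpath.normpath(root)
    return posixpath.commonpath([cand, root]) == root and cand != root


def safe_upload_path(filename: str) -> str:
    """Hardened handler: decode once, refuse any directory component, then
    re-check containment after normalization as defense in depth."""
    # One URL decode so '..%2F' is seen for what it is. If the web framework has
    # already decoded the name, this is a no-op; never decode in a loop, or a
    # double-encoded payload can be smuggled past the checks below.
    name = unquote(filename)
    if not name or name in (".", ".."):
        raise ValueError("empty or reserved filename")
    if "/" in name or "\\" in name or "\x00" in name:
        raise ValueError("directory separators and NUL bytes are not allowed")
    target = posixpath.normpath(posixpath.join(UPLOAD_ROOT, name))
    if not is_within_root(target):
        raise ValueError("path escapes upload root")
    return target


def is_rejected(filename: str) -> bool:
    """Helper for checks: does the hardened handler refuse this name?"""
    try:
        safe_upload_path(filename)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample file names: one benign, two traversal attempts.
    for name in ("report.csv", "../../../etc/passwd", "..%2F..%2Fetc%2Fshadow"):
        print(f"{name!r:32} naive -> {naive_upload_path(name)}")
        try:
            print(f"{'':32} safe  -> {safe_upload_path(name)}")
        except ValueError as exc:
            print(f"{'':32} safe  -> rejected ({exc})")
```

The containment check alone would already stop the traversal; rejecting any separator in the name is kept as well because it fails closed on inputs the normalizer does not understand, and because a file-replacement primitive (the impact named in the summary) only needs the target to land anywhere writable by the service account, so the allowed location should be as narrow as possible.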

Affected Products

FortiSIEM version 7.0.0
FortiSIEM version 6.7.0 through 6.7.3
FortiSIEM version 6.6.0 through 6.6.3
FortiSIEM version 6.5.0 through 6.5.1
FortiSIEM version 6.4.0 through 6.4.2

Solutions

Please upgrade to FortiSIEM version 7.0.1 or above
Please upgrade to FortiSIEM version 6.7.4 or above
Please upgrade to FortiSIEM version 6.6.4 or above
Please upgrade to FortiSIEM version 6.5.2 or above
Please upgrade to FortiSIEM version 6.4.3 or above

Acknowledgement

Internally discovered and reported by Lance Yeaw from the ETAC team.

Timeline

2023-10-11: Initial publication