FortiSIEM - Encrypted password stored in logs


An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage.


Affected Products

FortiSIEM version 7.0.0
FortiSIEM version 6.7.0 through 6.7.6
FortiSIEM version 6.6.0 through 6.6.3
FortiSIEM version 6.5.0 through 6.5.1
FortiSIEM version 6.4.0 through 6.4.2
FortiSIEM 6.3 all versions
FortiSIEM 6.2 all versions
FortiSIEM 6.1 all versions
FortiSIEM 5.4 all versions
FortiSIEM 5.3 all versions


Internally discovered and reported by Jingjin Zhu


2023-11-07: Initial publication