Plaintext storage of sensitive data in Windows Agent

Plaintext storage of sensitive data in Windows Agent Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-21-175 Final 1 1 2021-11-02T00:00:00 Current version 2021-11-02T00:00:00 2021-11-02T00:00:00 A plaintext storage of a password vulnerability [CWE-256] in the FortiSIEM Windows Agent may allow an authenticated user to impersonate the agent registered to the Supervisor via reading specific log files. Information disclosure FortiSIEM Windows Agent version 4.1.4 and below.FortiSIEM Windows Agent version 4.0.0.FortiSIEM Windows Agent version 3.3.0.FortiSIEM Windows Agent version 3.2.2 and below.FortiSIEM Windows Agent version 3.1.2 and below. Upgrade to FortiSIEM Windows Agent version 4.1.5 or above. Internally discovered and reported by Oleksii Mandrychenko and Damnjan Nikolic of Fortinet TAC team. Plaintext storage of sensitive data in Windows Agent CVE-2021-41023 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-21-175 Plaintext storage of sensitive data in Windows Agent Reference>