Glassfish local credentials stored in plain text

Glassfish local credentials stored in plain text Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-22-064 Final 1 1 2022-11-01T00:00:00 Current version 2022-11-01T00:00:00 2022-11-01T00:00:00 An improper authentification vulnerability [CWE-287] in FortiSIEM may allow a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password. None Improper access control At leastFortiSIEM 6.6 all versions are not affectedFortiSIEM 6.5 all versions are not affectedFortiSIEM 6.4 all versionsFortiSIEM 6.3 all versionsFortiSIEM 6.2 all versionsFortiSIEM 6.1 all versionsFortiSIEM 5.4 all versionsFortiSIEM 5.3 all versionsFortiSIEM 5.2 all versionsFortiSIEM 5.1 all versionsFortiSIEM 5.0 all versions Please upgrade to FortiSIEM version 6.5.0 or above Fortinet is pleased to thank Victor Pasman and James Reno for reporting this vulnerability under responsible disclosure. FortiSIEM 6.4.4 FortiSIEM 6.4.3 FortiSIEM 6.4.2 FortiSIEM 6.4.1 FortiSIEM 6.4.0 FortiSIEM 6.3.3 FortiSIEM 6.3.2 FortiSIEM 6.3.1 FortiSIEM 6.3.0 FortiSIEM 6.2.1 FortiSIEM 6.2.0 FortiSIEM 6.1.2 FortiSIEM 6.1.1 FortiSIEM 6.1.0 FortiSIEM 5.4.0 FortiSIEM 5.3.3 FortiSIEM 5.3.2 FortiSIEM 5.3.1 FortiSIEM 5.3.0 FortiSIEM 5.2.8 FortiSIEM 5.2.7 FortiSIEM 5.2.6 FortiSIEM 5.2.5 FortiSIEM 5.2.2 FortiSIEM 5.2.1 FortiSIEM 5.1.3 FortiSIEM 5.1.2 FortiSIEM 5.1.1 FortiSIEM 5.1.0 FortiSIEM 5.0.1 FortiSIEM 5.0.0 Glassfish local credentials stored in plain text CVE-2022-26119 FortiSIEM-6.4.4 FortiSIEM-6.4.3 FortiSIEM-6.4.2 FortiSIEM-6.4.1 FortiSIEM-6.4.0 FortiSIEM-6.3.3 FortiSIEM-6.3.2 FortiSIEM-6.3.1 FortiSIEM-6.3.0 FortiSIEM-6.2.1 FortiSIEM-6.2.0 FortiSIEM-6.1.2 FortiSIEM-6.1.1 FortiSIEM-6.1.0 FortiSIEM-5.4.0 FortiSIEM-5.3.3 FortiSIEM-5.3.2 FortiSIEM-5.3.1 FortiSIEM-5.3.0 FortiSIEM-5.2.8 FortiSIEM-5.2.7 FortiSIEM-5.2.6 FortiSIEM-5.2.5 FortiSIEM-5.2.2 FortiSIEM-5.2.1 FortiSIEM-5.1.3 FortiSIEM-5.1.2 FortiSIEM-5.1.1 FortiSIEM-5.1.0 FortiSIEM-5.0.1 FortiSIEM-5.0.0 7.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-22-064 Glassfish local credentials stored in plain text Reference>