CVSS: 9.0EPSS: 0%CPEs: 25EXPL: 0CVE-2022-42478
https://notcve.org/view.php?id=CVE-2022-42478
13 Jun 2023 — An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints. • https://fortiguard.com/psirt/FG-IR-22-258 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-26119
https://notcve.org/view.php?id=CVE-2022-26119
02 Nov 2022 — A improper authentication vulnerability in Fortinet FortiSIEM before 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password. Una vulnerabilidad de autenticación incorrecta en Fortinet FortiSIEM anterior a 6.5.0 permite a un atacante local con acceso CLI realizar operaciones en el servidor Glassfish directamente a través de una contraseña codificada. • https://fortiguard.com/psirt/FG-IR-22-064 • CWE-798: Use of Hard-coded Credentials •