CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2022-43949
https://notcve.org/view.php?id=CVE-2022-43949
13 Jun 2023 — A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1 allows a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods. • https://fortiguard.com/psirt/FG-IR-22-259 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.0EPSS: 0%CPEs: 25EXPL: 0CVE-2022-42478
https://notcve.org/view.php?id=CVE-2022-42478
13 Jun 2023 — An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints. • https://fortiguard.com/psirt/FG-IR-22-258 • CWE-307: Improper Restriction of Excessive Authentication Attempts •