CVE-2019-6700

MEDIUM

Fortinet Fortisiem < 5.2.5 - Information Disclosure

Title source: rule

Description

An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and earlier may allow an authenticated attacker to retrieve the external authentication password via the HTML source code.

References (1)

[Vendor Advisory] https://fortiguard.com/advisory/FG-IR-19-100

Scores

CVSS v3 6.5

EPSS 0.0025

EPSS Percentile 47.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522 CWE-200

Status published

Affected Products (1)

fortinet/fortisiem < 5.2.5

Timeline

Published Jan 07, 2020

Tracked Since Feb 18, 2026