CVE-2019-6700

MEDIUM

FortiSIEM < 5.2.5 - Authenticated Information Exposure via External Authentication Profile Form

Title source: llm
STIX 2.1

Description

An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and earlier may allow an authenticated attacker to retrieve the external authentication password via the HTML source code.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://fortiguard.com/advisory/FG-IR-19-100

Scores

CVSS v3 6.5
EPSS 0.0089
EPSS Percentile 55.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-200 CWE-522
Status published
Products (1)
fortinet/fortisiem < 5.2.5
Published Jan 07, 2020
Tracked Since Feb 18, 2026