CVE-2021-41023: 
FortiSIEM vulnerability analysis and mitigation

CVE-2021-41023 is a security vulnerability affecting Fortinet FortiSIEM Windows Agent version 4.1.4 and below. The vulnerability was discovered and disclosed in September 2021, involving unprotected storage of credentials that allows authenticated users to access agent passwords stored in plaintext within log files (NVD, CVE).

The vulnerability is classified with a CVSS v3.1 Base Score of 5.5 (Medium severity) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. This indicates local access is required, low attack complexity, low privileges required, no user interaction needed, and the scope is unchanged. The vulnerability primarily affects confidentiality with high impact, while having no impact on integrity or availability (NVD).

The primary impact of this vulnerability is the potential disclosure of agent passwords due to their storage in plaintext format within log files. This could allow authenticated users to access sensitive credential information, potentially leading to unauthorized access to system resources (NVD).

The vulnerability affects FortiSIEM Windows Agent version 4.1.4 and below. Users should upgrade to a version higher than 4.1.4 to address this security issue (NVD).