CVE-2023-26204: 
FortiSIEM vulnerability analysis and mitigation

A plaintext storage of a password vulnerability (CWE-256) was discovered in FortiSIEM that affects multiple versions of the software from version 5.3 through 6.7. The vulnerability was disclosed on June 12, 2023, and was assigned CVE-2023-26204 with a CVSSv3 score of 3.6 (Low severity). The vulnerability was reported by Martijn van Hoof from Simac IT NL B.V. under responsible disclosure (Fortinet PSIRT).

The vulnerability is classified as a plaintext credentials storage vulnerability in the database (CWE-256). When exploited, it allows an attacker with access to the user database content to view stored passwords in plaintext format. The vulnerability received a CVSSv3 score of 3.6, indicating low severity (Fortinet PSIRT).

If exploited, this vulnerability allows an attacker who has access to the user database content to impersonate any administrative user on the device's graphical user interface. This could lead to unauthorized access to administrative functions and potential system compromise (CERT-FR).

Fortinet recommends migrating to FortiSIEM version 7.0 or later, which is not affected by this vulnerability. All versions from 5.3 through 6.7 are affected and should be upgraded. No temporary workarounds have been provided (Fortinet PSIRT).