What is CVE-2022-42478?

CVE-2022-42478 is an Improper Restriction of Excessive Authentication Attempts vulnerability in FortiSIEM below version 7.0.0.

How does CVE-2022-42478 affect FortiSIEM?

CVE-2022-42478 allows a non-privileged user with access to several endpoints to conduct a brute force attack on these endpoints.

What is the severity rating of CVE-2022-42478?

CVE-2022-42478 has a severity rating of 8.8 (high).

Which versions of FortiSIEM are affected by CVE-2022-42478?

FortiSIEM versions below 7.0.0, including 5.1.0 to 5.1.3, 5.3.0 to 5.3.3, and 6.3.0 to 6.3.3, are affected by CVE-2022-42478.

How can I fix CVE-2022-42478 in FortiSIEM?

To fix CVE-2022-42478 in FortiSIEM, it is recommended to upgrade to version 7.0.0 or higher.

Vulnerability/
CVE-2022-42478

high

8.8

CWE

307

13/6/2023

23/10/2024

CVE-2022-42478

First published: Tue Jun 13 2023(Updated: )

An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints.

Credit: psirt@fortinet.com

Affected Software	Affected Version	How to fix
Fortinet FortiSIEM	>=5.1.0<=5.1.3
Fortinet FortiSIEM	>=5.3.0<=5.3.3
Fortinet FortiSIEM	>=6.3.0<=6.3.3
Fortinet FortiSIEM	=5.2.1
Fortinet FortiSIEM	=5.2.2
Fortinet FortiSIEM	=5.2.5
Fortinet FortiSIEM	=5.2.6
Fortinet FortiSIEM	=5.2.7
Fortinet FortiSIEM	=5.2.8
Fortinet FortiSIEM	=5.4.0
Fortinet FortiSIEM	=6.1.0
Fortinet FortiSIEM	=6.1.1
Fortinet FortiSIEM	=6.1.2
Fortinet FortiSIEM	=6.2.0
Fortinet FortiSIEM	=6.2.1
Fortinet FortiSIEM	=6.4.0
Fortinet FortiSIEM	=6.4.1
Fortinet FortiSIEM	=6.4.2
Fortinet FortiSIEM	=6.5.0
Fortinet FortiSIEM	=6.5.1
Fortinet FortiSIEM	=6.6.0
Fortinet FortiSIEM	=6.6.1
Fortinet FortiSIEM	=6.6.2
Fortinet FortiSIEM	=6.6.3
Fortinet FortiSIEM	=6.7.0

Remedy

Please upgrade to FortiSIEM version 7.0.0 or above Please upgrade to FortiSIEM version 6.7.1 or above

Never miss a vulnerability like this again

Reference Links

https://fortiguard.com/psirt/FG-IR-22-258

Frequently Asked Questions

What is CVE-2022-42478?
CVE-2022-42478 is an Improper Restriction of Excessive Authentication Attempts vulnerability in FortiSIEM below version 7.0.0.
How does CVE-2022-42478 affect FortiSIEM?
CVE-2022-42478 allows a non-privileged user with access to several endpoints to conduct a brute force attack on these endpoints.
What is the severity rating of CVE-2022-42478?
CVE-2022-42478 has a severity rating of 8.8 (high).
Which versions of FortiSIEM are affected by CVE-2022-42478?
FortiSIEM versions below 7.0.0, including 5.1.0 to 5.1.3, 5.3.0 to 5.3.3, and 6.3.0 to 6.3.3, are affected by CVE-2022-42478.
How can I fix CVE-2022-42478 in FortiSIEM?
To fix CVE-2022-42478 in FortiSIEM, it is recommended to upgrade to version 7.0.0 or higher.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/author
agent/severity
agent/weakness
agent/remedy
agent/tags
agent/first-publish-date
agent/event
agent/description
vendor/fortinet
canonical/fortinet fortisiem
version/fortinet fortisiem/5.1.0
version/fortinet fortisiem/5.1.3
version/fortinet fortisiem/5.3.0
version/fortinet fortisiem/5.3.3
version/fortinet fortisiem/6.3.0
version/fortinet fortisiem/6.3.3
version/fortinet fortisiem/5.2.1
version/fortinet fortisiem/5.2.2
version/fortinet fortisiem/5.2.5
version/fortinet fortisiem/5.2.6
version/fortinet fortisiem/5.2.7
version/fortinet fortisiem/5.2.8
version/fortinet fortisiem/5.4.0
version/fortinet fortisiem/6.1.0
version/fortinet fortisiem/6.1.1
version/fortinet fortisiem/6.1.2
version/fortinet fortisiem/6.2.0
version/fortinet fortisiem/6.2.1
version/fortinet fortisiem/6.4.0
version/fortinet fortisiem/6.4.1
version/fortinet fortisiem/6.4.2
version/fortinet fortisiem/6.5.0
version/fortinet fortisiem/6.5.1
version/fortinet fortisiem/6.6.0
version/fortinet fortisiem/6.6.1
version/fortinet fortisiem/6.6.2
version/fortinet fortisiem/6.6.3
version/fortinet fortisiem/6.7.0