First published: Tue Nov 14 2023(Updated: )
An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs.
|Affected Software||Affected Version||How to fix|
CVE-2023-41676 is a vulnerability in FortiSIEM version 7.0.0 and before 6.7.5 that exposes sensitive information to unauthorized actors.
CVE-2023-41676 allows attackers with access to Windows agent logs to obtain the Windows agent password by searching through the logs.
CVE-2023-41676 has a severity rating of medium (6.5).
FortiSIEM versions 7.0.0 and before 6.7.5 are affected by CVE-2023-41676.
To fix the vulnerability in FortiSIEM, it is recommended to upgrade to a version after 6.7.5 or version 7.0.0.