=====================================================================

                                CERT-Renater

                      Information Note No. 2023/VULN397

_____________________________________________________________________

DATE                : 12/10/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running FortiSIEM versions prior to 7.0.1,
                                6.7.4, 6.6.4, 6.5.2, 6.4.3.

=====================================================================
https://fortiguard.fortinet.com/psirt/FG-IR-23-085
_____________________________________________________________________


FortiSIEM - multiple path traversal vulnerabilities

IR Number    : FG-IR-23-085
Date         : Oct 11, 2023
Severity     : Critical
CVSSv3 Score : 9.7
Impact       : Escalation of privilege
CVE ID       : CVE-2023-40714
Affected Products:
  FortiSIEM: 7.0.0, 6.7.4, 6.7.3, 6.7.2, 6.7.1, 6.7.0, 6.6.3, 6.6.2,
    6.6.1, 6.6.0, 6.5.1, 6.5.0, 6.4.2, 6.4.1, 6.4.0

Summary

A relative path traversal vulnerability [CWE-23] in FortiSIEM file
upload components may allow an authenticated, low privileged user
of the FortiSIEM GUI to escalate their privilege and replace
arbitrary files on the underlying filesystem via specifically
crafted HTTP requests.
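
Added example (not from the advisory, Fortinet or FortiSIEM): the CWE-23 pattern the summary describes, a client-supplied upload name joined naively to the server's upload directory, beside a hardened resolver that rejects names escaping that directory. The upload root, function names and sample inputs are constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

# Constructed upload root for the example; FortiSIEM's real paths are not on the page.
UPLOAD_ROOT = "/srv/app/uploads"


def naive_upload_path(root: str, client_name: str) -> str:
    """The CWE-23 pattern: trust the client-supplied name and join it to the root.

    '..' segments (or an absolute name, which posixpath.join lets replace the
    root) make the write land outside the upload directory.
    """
    return posixpath.normpath(posixpath.join(root, client_name))


def hardened_upload_path(root: str, client_name: str) -> str:
    """Resolve an upload name strictly inside `root`, or raise ValueError.

    This is a lexical containment check. A deployment must also apply the
    same check to os.path.realpath() of the final path, so a symlink under
    the root cannot redirect the write.
    """
    # Decode percent-encoding exactly once, so '%2e%2e/' is judged as '../'.
    # If the framework already decoded the multipart filename, a second
    # decode can only make the name look more suspicious, never less.
    name = unquote(client_name)
    if "\x00" in name:                      # NUL can truncate the path in native code
        raise ValueError("NUL byte in upload name")
    name = name.replace("\\", "/")          # treat Windows separators as separators
    if posixpath.isabs(name):               # '/etc/passwd' would replace the root
        raise ValueError("absolute upload name not allowed")
    # Reject any '..' component before normalisation: an upload name has no
    # legitimate reason to climb directories, and normpath would hide the intent.
    parts = [p for p in name.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        raise ValueError(f"rejected upload name: {client_name!r}")
    root_norm = posixpath.normpath(root)
    target = posixpath.normpath(posixpath.join(root_norm, *parts))
    # Final containment check: the target must sit strictly below the root.
    if not target.startswith(root_norm + "/"):
        raise ValueError(f"upload name escapes root: {client_name!r}")
    return target
```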


Affected Products

FortiSIEM version 7.0.0
FortiSIEM version 6.7.0 through 6.7.3
FortiSIEM version 6.6.0 through 6.6.3
FortiSIEM version 6.5.0 through 6.5.1
FortiSIEM version 6.4.0 through 6.4.2

Solutions

Please upgrade to FortiSIEM version 7.0.1 or above
Please upgrade to FortiSIEM version 6.7.4 or above
Please upgrade to FortiSIEM version 6.6.4 or above
Please upgrade to FortiSIEM version 6.5.2 or above
Please upgrade to FortiSIEM version 6.4.3 or above

Acknowledgement

Internally discovered and reported by Lance Yeaw from the ETAC team.

Timeline

2023-10-11: Initial publication


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
