A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6.6.3, 6.5.1, 6.5.0 allows attacker to escalate privilege via uploading certain GUI elements
An attacker with basic system access (low privileges) can upload specific GUI elements containing crafted relative paths (relative path traversal, CWE-23). The application mechanism does not properly validate the uploaded paths, which allows files to be placed outside the permitted directory. As a result, the attacker is able to obtain a higher level of privileges in the system.
Successful exploitation of the vulnerability allows an attacker to escalate privileges, potentially leading to complete takeover of the FortiSIEM system with violation of data confidentiality, integrity, and availability.
Patches available from the vendor should be applied in accordance with references published by Fortinet at https://fortiguard.com/psirt/FG-IR-23-085
Fortinet FortiSIEM in versions: 7.0.0, 6.7.0 to 6.7.2, 6.6.0 to 6.6.3, 6.5.1, and 6.5.0
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HFortinet Fortisiem
APPFortinet7.0.06.4.0 – 6.5.16.6.0 – 6.6.36.7.0 – 6.7.3
Related vulnerabilities
Command injection w Fortinet FortiSIEM — RCE przez TCP
Krytyczny pre-auth command injection w Fortinet FortiSIEM (RCE)
Command injection w Fortinet FortiSIEM — nieautoryzowane wykonanie kodu przez API
Command Injection w Fortinet FortiSIEM umożliwiający zdalne wykonanie kodu
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet Forti...