FortSIEM <= 5.2.8 RCE due to EL Injection – analysis
Posted by Red Timmy Security on Oct 06
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 6 cores and 12 processing threads bundled with the quiet AMD wraith stealth cooler max temps 95°C 4 2 G... read more
(as of January 27, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more
(as of January 27, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD's fastest 8 core processor for mainstream desktop, with 16 procesing threads Can deliver elite 100+ FPS performance in the world's most popular games Cooler not included, high-performance cooler recommended 4.7 GHz Max Boost, unlocked for overclo... read more
(as of January 27, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
On June 21st 2020 Fortinet has released a security bulletin for its
FortiSIEM product: https://www.fortiguard.com/psirt/FG-IR-20-041. All
versions of the product equal to/minor than 5.2.8 are vulnerable to an
unauthorized remote command execution via Expression Language injection.
The affected component, found and reported by Code White guys, is an old
acquaintance of ours: the infamous java library Richfaces.
7 months ago we have publicly…
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.