[FortiSIEM] Expression Language Injection observed in FortiSIEM
Summary
An expression language injection vulnerability in the FortiSIEM JBoss RichFaces library may allow a remote attacker to inject expression language (EL) expressions and execute arbitrary Java code via the "do" parameter.
Affected Products
FortiSIEM version 5.2.8 and below.
Solutions
Please upgrade to FortiSIEM version 5.3.0 or above.
Acknowledgement
Fortinet is pleased to thank Code White GmbH for reporting this vulnerability under responsible disclosure.
Timeline
2020-06-21: Initial publication