PSIRT Advisory

CVE-2015-0279: Expression Language Injection in FortiSIEM

Summary

An expression language injection vulnerability in FortiSIEM may allow a remote attacker to inject arbitrary JavaScript code into the context of the victim's browser via the JBoss RichFaces library.

Impact

Unauthorized code execution

Affected Products

FortiSIEM version 5.2.8 and below.

Solutions

Please upgrade to FortiSIEM version 5.3.0 or above.

Acknowledgement

Fortinet is pleased to thank Code White GmbH for reporting this vulnerability under responsible disclosure.