File Integrity Monitoring Fim
Monthly
Incorrect privilege assignment in Fortra File Integrity Monitoring (FIM) versions prior to 9.4.0 causes the `tetool import` command to assign elevated or incorrect effective permissions to newly created users when FIM is actively running during import. The flaw is compounded when the import operation also creates or modifies roles or role-permission relationships, meaning users may silently receive access levels beyond what was configured. No public exploit has been identified at time of analysis, and the CVSS score of 4.9 (Medium) reflects the high-privilege prerequisite that limits realistic exposure to administrative misuse or insider threat scenarios.
Incorrect privilege assignment in Fortra File Integrity Monitoring (FIM) versions prior to 9.4.0 causes the `tetool import` command to assign elevated or incorrect effective permissions to newly created users when FIM is actively running during import. The flaw is compounded when the import operation also creates or modifies roles or role-permission relationships, meaning users may silently receive access levels beyond what was configured. No public exploit has been identified at time of analysis, and the CVSS score of 4.9 (Medium) reflects the high-privilege prerequisite that limits realistic exposure to administrative misuse or insider threat scenarios.