cbcvebase.
CVE-2023-40715
published 2023-09-13

CVE-2023-40715: A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to…

medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device.

Affected

25 ranges
VendorProductVersion rangeFixed in
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester
fortinetfortitester2.3.0 – 7.2.3
fortinetfortitester2.4.0 – 2.4.1
fortinetfortitester3.3.0 – 3.3.1
fortinetfortitester3.5.0 – 3.5.1
fortinetfortitester3.7.0 – 3.7.1
fortinetfortitester3.9.0 – 3.9.2
fortinetfortitester4.1.0 – 4.1.1
fortinetfortitester4.2.0 – 4.2.1
fortinetfortitester7.1.0 – 7.1.1
fortinetfortitester7.2.0 – 7.2.3