CVE-2023-40723
published 2025-03-11CVE-2023-40723: An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.4 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1…
high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.4 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 and 6.3.0 through 6.3.3 and 6.2.0 through 6.2.1 and 6.1.0 through 6.1.2 and 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 allows attacker to execute unauthorized code or commands via api request.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | >= 5.1.0 < 6.4.2 | 6.4.2 |
| fortinet | fortisiem | 5.1.0 – 5.1.3 | — |
| fortinet | fortisiem | 5.2.1 – 5.2.2 | — |
| fortinet | fortisiem | 5.2.5 – 5.2.8 | — |
| fortinet | fortisiem | 5.3.0 – 5.3.3 | — |
| fortinet | fortisiem | 6.1.0 – 6.1.2 | — |
| fortinet | fortisiem | 6.2.0 – 6.2.1 | — |
| fortinet | fortisiem | 6.3.0 – 6.3.3 | — |
| fortinet | fortisiem | 6.4.0 – 6.4.2 | — |
| fortinet | fortisiem | >= 6.5.0 < 6.5.2 | 6.5.2 |
| fortinet | fortisiem | 6.5.0 – 6.5.1 | — |
| fortinet | fortisiem | >= 6.6.0 < 6.6.4 | 6.6.4 |
| fortinet | fortisiem | 6.6.0 – 6.6.3 | — |
| fortinet | fortisiem | >= 6.7.0 < 6.7.5 | 6.7.5 |
| fortinet | fortisiem | 6.7.0 – 6.7.4 | — |