CVE-2023-40723
📊 8.1 HIGH⚡ 0.1%🎯 0 exploits
📅 Published Mar 11, 2025
📋 Status: Analyzed
An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.4 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 and 6.3.0 through 6.3.3 and 6.2.0 through 6.2.1 and 6.1.0 through 6.1.2 and 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 allows attacker to execute unauthorized code or commands via api request.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
4 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | fortinet | fortisiem | ≥ 5.1.0 ∧ < 6.4.2 | Vulnerable | cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:* |
📱App | fortinet | fortisiem | ≥ 6.5.0 ∧ < 6.5.2 | Vulnerable | cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:* |
📱App | fortinet | fortisiem | ≥ 6.6.0 ∧ < 6.6.4 | Vulnerable | cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:* |
📱App | fortinet | fortisiem | ≥ 6.7.0 ∧ < 6.7.5 | Vulnerable | cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:* |
Version: ≥ 5.1.0 ∧ < 6.4.2
CPE:
cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*
Version: ≥ 6.5.0 ∧ < 6.5.2
CPE:
cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*
Version: ≥ 6.6.0 ∧ < 6.6.4
CPE:
cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector:
NETWORK
Complexity:
HIGH
Privileges:
NONE
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
AnalyzedCVSS Details
8.1 (HIGH)v3.1
Source: [email protected]
EPSS Details
0.1% (Minimal)25.5th percentile
Last updated: Oct 31, 2025
Exploitation probability within 30 days
Published Date
Mar 11, 2025 (7 months ago)
Last Modified
Jul 22, 2025 (3 months ago)
Security Weaknesses1
CWE-200
References2
NVDgeneral