CVE-2023-40723: 
FortiSIEM Analisi e mitigazione delle vulnerabilità

CVE-2023-40723 is a high-severity vulnerability (CVSS v3.1 score: 7.7) discovered in Fortinet FortiSIEM that was disclosed on March 11, 2025. This vulnerability is classified as an exposure of sensitive information to an unauthorized actor (CWE-200) affecting multiple versions of FortiSIEM, including versions 6.7.0 through 6.7.4, 6.6.0 through 6.6.3, 6.5.0 through 6.5.1, 6.4.0 through 6.4.2, and all versions of 6.3, 6.2, 6.1, 5.4, 5.3, 5.2, and 5.1 (Fortinet PSIRT).

The vulnerability allows a remote unauthenticated attacker who has acquired knowledge of the agent's authorization header through other means to read the database password via crafted API requests. The vulnerability affects the GUI component of FortiSIEM and has been assigned a high severity rating with a CVSS v3.1 base score of 7.7 (Fortinet PSIRT).

If successfully exploited, this vulnerability could allow attackers to execute unauthorized code or commands in the affected system. The exposure of database passwords could potentially lead to unauthorized access to sensitive information and further system compromise (Fortinet PSIRT, CIS Advisory).

Fortinet has released patches to address this vulnerability. Users are advised to upgrade to the following versions based on their current installation: FortiSIEM 6.7.5 or above for 6.7.x users, 6.6.4 or above for 6.6.x users, 6.5.2 or above for 6.5.x users, and 6.4.3 or above for 6.4.x users. Users of versions 6.3 and earlier must migrate to a fixed release (Fortinet PSIRT).