CVE-2023-40719

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 14, 2023

Updated: Nov 21, 2023

CWE ID 798

Summary

CVE-2023-40719 is a vulnerability affecting Fortinet FortiAnalyzer and FortiManager versions 7.0.0 to 7.0.8, 7.2.0 to 7.2.3, and 7.4.0. This issue arises from the utilization of hard-coded credentials, which an attacker can exploit to gain unauthorized access to Fortinet's private testing data. The vulnerability poses a significant risk, as the static credentials are widely known, increasing the likelihood of successful attacks. Organizations using these Fortinet versions are urged to apply the available patches to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

FortiManager
FortiAnalyzer

Affected Vendors

Fortinet

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/safA15
https://www.cve.org/CVERecord?id=CVE-2023-40719
https://nvd.nist.gov/vuln/detail/CVE-2023-40719

Back to Vulnerability Database