{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T09:48:57.257","vulnerabilities":[{"cve":{"id":"CVE-2023-40723","sourceIdentifier":"psirt@fortinet.com","published":"2025-03-11T15:15:39.843","lastModified":"2025-07-22T21:21:00.950","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.4 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 and 6.3.0 through 6.3.3 and 6.2.0 through 6.2.1 and 6.1.0 through 6.1.2 and 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 allows attacker to execute unauthorized code or commands via api request."},{"lang":"es","value":"Una exposición de información confidencial a un actor no autorizado en Fortinet FortiSIEM versión 6.7.0 a 6.7.4 y 6.6.0 a 6.6.3 y 6.5.0 a 6.5.1 y 6.4.0 a 6.4.2 y 6.3.0 a 6.3.3 y 6.2.0 a 6.2.1 y 6.1.0 a 6.1.2 y 5.4.0 y 5.3.0 a 5.3.3 y 5.2.5 a 5.2.8 y 5.2.1 a 5.2.2 y 5.1.0 a 5.1.3 permite al atacante ejecutar código o comandos no autorizados a través de una solicitud de API."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1.0","versionEndExcluding":"6.4.2","matchCriteriaId":"361CAA14-AE0D-492C-9B41-90E70D16BB49"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.0","versionEndExcluding":"6.5.2","matchCriteriaId":"42604422-E5EC-47C9-B849-DA4BABB57358"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.0","versionEndExcluding":"6.6.4","matchCriteriaId":"0E7355FE-92CC-4E11-A738-5BF78B1F35E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.0","versionEndExcluding":"6.7.5","matchCriteriaId":"83920BC0-7B4A-4D86-89C0-5370D37CA7DB"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-23-117","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}