{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T11:49:16.450","vulnerabilities":[{"cve":{"id":"CVE-2024-40593","sourceIdentifier":"psirt@fortinet.com","published":"2025-12-11T15:15:46.243","lastModified":"2025-12-12T18:28:55.367","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6.4 all versions, FortiOS 7.6.0, FortiOS 7.4.4, FortiOS 7.2.7, FortiOS 7.0.14, FortiPortal 6.0 all versions may allow an authenticated admin to retrieve a certificate's private key via the device's admin shell."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-320"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.2.6","matchCriteriaId":"F07BE2AB-5F28-4773-B9C3-1D76EA1C2D06"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.3","matchCriteriaId":"AF309EFD-1770-44AF-B192-3D9816F792CB"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.2.6","matchCriteriaId":"71CC4AA3-04CC-49CA-A012-E28C4D1F11DE"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.3","matchCriteriaId":"E4490512-36ED-4212-9D34-D74739A56E84"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*","matchCriteriaId":"71294A46-2667-4213-BA04-542291BC5D58"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*","matchCriteriaId":"AA6A7535-6EDF-4792-8AC4-ADFF40811E08"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*","matchCriteriaId":"3B543474-445F-431D-A06A-63F566798BCF"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*","matchCriteriaId":"44CE8EE3-D64A-49C8-87D7-C18B302F864A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.15","matchCriteriaId":"A52BD29D-7295-48A1-9B89-86517C9AA5AE"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-133","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}