CVE-2023-40714

Summary

A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6.6.3, 6.5.1, 6.5.0 allows attacker to escalate privilege via uploading certain GUI elements

Affected Software

VendorProductVersion RangeStatus
FortinetFortiSIEM7.0.0affected
FortinetFortiSIEM6.7.0 <= 6.7.2affected
FortinetFortiSIEM6.6.0 <= 6.6.3affected
FortinetFortiSIEM6.5.0 <= 6.5.1affected

Weaknesses

  • CWE-23: Escalation of privilege

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References