CVE-2023-40717 - Vulnerability Details - OpenCVE

A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00073.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Fortinet	Fortitester

Configuration 1 [-]

cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-45271	A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands.

Fixes

Solution

Please upgrade to FortiTester version 7.3.0 or above

Workaround

No workaround given by the vendor.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-22-245

History

Tue, 24 Sep 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-09-13T12:29:45.466Z

Updated: 2024-09-24T19:57:16.170Z

Reserved: 2023-08-21T09:03:44.315Z

Link: CVE-2023-40717

Vulnrichment

Updated: 2024-08-02T18:38:51.225Z

NVD

Status : Modified

Published: 2023-09-13T13:15:09.507

Modified: 2024-11-21T08:20:01.307

Link: CVE-2023-40717

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-40717", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-08-21T09:03:44.315Z", "datePublished": "2023-09-13T12:29:45.466Z", "dateUpdated": "2024-09-24T19:57:16.170Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiTester", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.3", "status": "affected"}, {"versionType": "semver", "version": "7.1.0", "lessThanOrEqual": "7.1.1", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"versionType": "semver", "version": "4.2.0", "lessThanOrEqual": "4.2.1", "status": "affected"}, {"versionType": "semver", "version": "4.1.0", "lessThanOrEqual": "4.1.1", "status": "affected"}, {"version": "4.0.0", "status": "affected"}, {"versionType": "semver", "version": "3.9.0", "lessThanOrEqual": "3.9.2", "status": "affected"}, {"version": "3.8.0", "status": "affected"}, {"versionType": "semver", "version": "3.7.0", "lessThanOrEqual": "3.7.1", "status": "affected"}, {"version": "3.6.0", "status": "affected"}, {"versionType": "semver", "version": "3.5.0", "lessThanOrEqual": "3.5.1", "status": "affected"}, {"version": "3.4.0", "status": "affected"}, {"versionType": "semver", "version": "3.3.0", "lessThanOrEqual": "3.3.1", "status": "affected"}, {"version": "3.2.0", "status": "affected"}, {"version": "3.1.0", "status": "affected"}, {"version": "3.0.0", "status": "affected"}, {"version": "2.9.0", "status": "affected"}, {"version": "2.8.0", "status": "affected"}, {"version": "2.7.0", "status": "affected"}, {"version": "2.6.0", "status": "affected"}, {"version": "2.5.0", "status": "affected"}, {"versionType": "semver", "version": "2.4.0", "lessThanOrEqual": "2.4.1", "status": "affected"}, {"version": "2.3.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A use of hard-coded credentials vulnerability [CWE-798] in\u00a0FortiTester\u00a02.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2023-09-13T12:29:45.466Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-798", "description": "Improper access control", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiTester version 7.3.0 or above "}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-245", "url": "https://fortiguard.com/psirt/FG-IR-22-245"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:38:51.225Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-245", "url": "https://fortiguard.com/psirt/FG-IR-22-245", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-24T19:40:14.020771Z", "id": "CVE-2023-40717", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-24T19:57:16.170Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-22-245", "name": "https://fortiguard.com/psirt/FG-IR-22-245", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:38:51.225Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-40717", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-24T19:40:14.020771Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-24T19:57:09.426Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:C", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "Fortinet", "product": "FortiTester", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.3"}, {"status": "affected", "version": "7.1.0", "versionType": "semver", "lessThanOrEqual": "7.1.1"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "4.2.0", "versionType": "semver", "lessThanOrEqual": "4.2.1"}, {"status": "affected", "version": "4.1.0", "versionType": "semver", "lessThanOrEqual": "4.1.1"}, {"status": "affected", "version": "4.0.0"}, {"status": "affected", "version": "3.9.0", "versionType": "semver", "lessThanOrEqual": "3.9.2"}, {"status": "affected", "version": "3.8.0"}, {"status": "affected", "version": "3.7.0", "versionType": "semver", "lessThanOrEqual": "3.7.1"}, {"status": "affected", "version": "3.6.0"}, {"status": "affected", "version": "3.5.0", "versionType": "semver", "lessThanOrEqual": "3.5.1"}, {"status": "affected", "version": "3.4.0"}, {"status": "affected", "version": "3.3.0", "versionType": "semver", "lessThanOrEqual": "3.3.1"}, {"status": "affected", "version": "3.2.0"}, {"status": "affected", "version": "3.1.0"}, {"status": "affected", "version": "3.0.0"}, {"status": "affected", "version": "2.9.0"}, {"status": "affected", "version": "2.8.0"}, {"status": "affected", "version": "2.7.0"}, {"status": "affected", "version": "2.6.0"}, {"status": "affected", "version": "2.5.0"}, {"status": "affected", "version": "2.4.0", "versionType": "semver", "lessThanOrEqual": "2.4.1"}, {"status": "affected", "version": "2.3.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiTester version 7.3.0 or above "}], "references": [{"url": "https://fortiguard.com/psirt/FG-IR-22-245", "name": "https://fortiguard.com/psirt/FG-IR-22-245"}], "descriptions": [{"lang": "en", "value": "A use of hard-coded credentials vulnerability [CWE-798] in\u00a0FortiTester\u00a02.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-798", "description": "Improper access control"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2023-09-13T12:29:45.466Z"}}}, "cveMetadata": {"cveId": "CVE-2023-40717", "state": "PUBLISHED", "dateUpdated": "2024-09-24T19:57:16.170Z", "dateReserved": "2023-08-21T09:03:44.315Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2023-09-13T12:29:45.466Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*", "matchCriteriaId": "2EEDB613-6C76-4B86-AA8A-4C72C97AF1B7", "versionEndIncluding": "7.2.3", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A use of hard-coded credentials vulnerability [CWE-798] in\u00a0FortiTester\u00a02.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands."}, {"lang": "es", "value": "Un uso de la vulnerabilidad de credenciales codificadas [CWE-798] en FortiTester 2.3.0 a 7.2.3 puede permitir que un atacante que logr\u00f3 obtener un shell en el dispositivo acceda a la base de datos mediante comandos de shell."}], "id": "CVE-2023-40717", "lastModified": "2024-11-21T08:20:01.307", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "psirt@fortinet.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-13T13:15:09.507", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-22-245"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-22-245"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "psirt@fortinet.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}