EUVD-2023-45271

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Use of hard-coded credentials vulnerability in FortiTester versions 2.3.0 to 7.2.3 allows database access.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2023-40717	13 Sep 202316:23	–	circl
CNNVD	FortiTester Trust Management Issues Vulnerabilities	13 Sep 202300:00	–	cnnvd
CVE	CVE-2023-40717	13 Sep 202312:29	–	cve
Cvelist	CVE-2023-40717	13 Sep 202312:29	–	cvelist
NVD	CVE-2023-40717	13 Sep 202313:15	–	nvd
OSV	CVE-2023-40717	13 Sep 202313:15	–	osv
Prion	Hardcoded credentials	13 Sep 202313:15	–	prion
Positive Technologies	PT-2023-5206 · Fortinet · Fortitester	21 Aug 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-40717	9 Jan 202609:24	–	redhatcve
Vulnrichment	CVE-2023-40717	13 Sep 202312:29	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "f4c23185-b0c6-3729-b629-20041d633f05",
        "vendor": {
          "name": "Fortinet"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "06d1ff1d-0044-3dda-9400-135a755f4c3b",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.8.0"
      },
      {
        "id": "0f1ceb59-0f63-38eb-b49a-637692abac2c",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "7.2.0 ≤7.2.3"
      },
      {
        "id": "11e46d1f-1f0d-31b3-ae63-e08f6152a756",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.2.0"
      },
      {
        "id": "14745434-c7b2-30d8-ae6a-04c3f5d88a86",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "2.7.0"
      },
      {
        "id": "1caac035-e0f4-352e-be80-6896663f17ad",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "2.8.0"
      },
      {
        "id": "29696cd4-cb94-360f-8d35-f21c6d63bef2",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "2.6.0"
      },
      {
        "id": "3184cc8b-a521-3899-bdc5-f22acb5b1221",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.1.0"
      },
      {
        "id": "3b8c7be6-0a2e-3232-8e6c-b40d726dc82d",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.9.0 ≤3.9.2"
      },
      {
        "id": "58c06b70-4b83-36e9-b52f-f777836413cb",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "2.5.0"
      },
      {
        "id": "5c9e7f47-1268-3dee-9d64-64ccc03119f1",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "2.9.0"
      },
      {
        "id": "60643fe2-85d0-30e2-ba51-45e01d91afd2",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.3.0 ≤3.3.1"
      },
      {
        "id": "68f36775-b6e8-3af5-8dba-c181c12edf37",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.4.0"
      },
      {
        "id": "6a64c017-c5c5-3604-88e8-6a19167712a9",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "4.2.0 ≤4.2.1"
      },
      {
        "id": "91363ae3-46c5-3ca1-b546-4fb0e3595dbc",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "4.0.0"
      },
      {
        "id": "9762f79c-7e2f-3649-8bc1-039fb2469070",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "7.1.0 ≤7.1.1"
      },
      {
        "id": "97e9f929-429b-3c09-9701-e4158d4244dd",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.6.0"
      },
      {
        "id": "9ada1885-eea7-3a4a-a374-c3394f9b394b",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "4.1.0 ≤4.1.1"
      },
      {
        "id": "a1fbaa4c-9fcd-3ff8-ba25-6f3002a2e061",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.0.0"
      },
      {
        "id": "b5741955-e61d-3568-a586-de9fc074abe0",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "2.4.0 ≤2.4.1"
      },
      {
        "id": "bdd67acb-c872-3ef2-9162-e029f4be7f8c",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "2.3.0"
      },
      {
        "id": "ccc409fc-4449-3f9a-98c4-7c2d7d4292f0",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "7.0.0"
      },
      {
        "id": "e81912b3-b195-3f71-ba90-cb5259337383",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.7.0 ≤3.7.1"
      },
      {
        "id": "ef760f90-4713-3a9c-816b-8f977f8b987f",
        "product": {
          "name": "FortiTester"
        },
        "product_version": "3.5.0 ≤3.5.1"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-22-245

03 Oct 2025 20:07Current

7.6High risk

Vulners AI Score7.6

CVSS 3.15.3 - 7.8

EPSS0.00073

SSVC

vulnerability hard-coded credentials fortitester database access shell commands