説明
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.
AI分析AIによる分析
影響を受ける製品
fortinetfortivoice
fortinetfortivoice
fortinetfortivoice
7.0.0
fortinetfortivoice
7.0.1
参照
- https://fortiguard.com/psirt/FG-IR-23-282Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-282Vendor Advisory