CVE-2023-40720
7.1HIGHAn authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP config
게시됨: 5/14/2024업데이트됨: 11/21/2024
설명
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.
AI 분석AI 기반
영향받는 제품
fortinetfortivoice
fortinetfortivoice
fortinetfortivoice
7.0.0
fortinetfortivoice
7.0.1
참조
- https://fortiguard.com/psirt/FG-IR-23-282Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-282Vendor Advisory