How severe is CVE-2023-40720?

CVE-2023-40720 has a CVSS v3 score of 7.1 (HIGH).

CVE-2023-40720

Name: fortivoice
Author: fortinet

7.1HIGH

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP config

Publicado: 5/14/2024Atualizado: 11/21/2024

Descrição

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.

Análise IADesenvolvido por IA

Produtos Afetados

fortinetfortivoice

7.0.0

fortinetfortivoice

7.0.1

Referências

https://fortiguard.com/psirt/FG-IR-23-282
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-23-282
Vendor Advisory