How severe is CVE-2023-40720?

CVE-2023-40720 has a CVSS v3 score of 7.1 (HIGH).

CVE-2023-40720

Name: fortivoice
Author: fortinet

7.1HIGH

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP config

发布于: 5/14/2024更新于: 11/21/2024

描述

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.

AI分析AI驱动

受影响产品

fortinetfortivoice

7.0.0

fortinetfortivoice

7.0.1

参考资料

https://fortiguard.com/psirt/FG-IR-23-282
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-23-282
Vendor Advisory