CVE-2023-40720 - CERT CVE
ID CVE-2023-40720
Sažetak An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.
Reference
CVSS
Base: 7.1
Impact: 4.2
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Zadnje važnije ažuriranje 23-05-2024 - 16:38
Objavljeno 14-05-2024 - 17:15