An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-05-14T16:19:12.993Z

Updated: 2024-08-02T18:38:51.211Z

Reserved: 2023-08-21T09:03:44.316Z

Link: CVE-2023-40720

cve-icon Vulnrichment

Updated: 2024-05-14T19:29:30.379Z

cve-icon NVD

Status : Modified

Published: 2024-05-14T17:15:19.067

Modified: 2024-11-21T08:20:01.767

Link: CVE-2023-40720

cve-icon Redhat

No data.