Overview
- Description
- An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.1
- Impact score
- 4.2
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
- Severity
- HIGH
Weaknesses
- psirt@fortinet.com
- CWE-639
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0B44874-E530-40B9-92F5-03667CFB9F1C",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FCE3488-2ABC-4608-91D4-8B25A9C180FA",
"versionEndIncluding": "6.4.8",
"versionStartIncluding": "6.4.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB44AB41-E006-489F-9C49-2DFA73EF01B2"
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46ED919A-533A-4C6D-9042-B67A9E89FF29"
}
],
"operator": "OR"
}
]
}
]