Описание
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet FortiFone 7.0.0 through 7.0.1, FortiFone 3.0.13 through 3.0.23 allows an unauthenticated attacker to obtain the device configuration via crafted HTTP or HTTPS requests.
EPSS
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet FortiFone 7.0.0 through 7.0.1, FortiFone 3.0.13 through 3.0.23 allows an unauthenticated attacker to obtain the device configuration via crafted HTTP or HTTPS requests.
Уязвимость микропрограммного обеспечения IP-телефонов Fortinet FortiFone, связанная с раскрытием информации, позволяющая нарушителю получить доступ к системным настройкам устройства
EPSS
9.8 Critical
CVSS3