IDOR over SIP configuration file


An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoice Enterprise may allow an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.

Version          Affected                 Solution
FortiVoice 7.0   7.0.0 through 7.0.1      Upgrade to 7.0.2 or above
FortiVoice 6.4   6.4.0 through 6.4.8      Upgrade to 6.4.9 or above
FortiVoice 6.0   6.0 all versions         Migrate to a fixed release
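The following is an added, constructed illustration of the vulnerability class named above (CWE-639, authorization bypass through a user-controlled key) as it typically appears in a per-user configuration endpoint, together with the object-level authorization check that closes it. It is not FortiVoice code and says nothing about how the product is implemented; the user ids, record contents, and handler names are assumptions made for the example.

```python
"""Constructed illustration of CWE-639 in a "read my SIP configuration"
endpoint: a vulnerable handler that trusts a request-supplied key, a hardened
handler that checks object ownership first, and a variant that derives the key
from the session so no user-controlled key exists at all.
Sample data and names are assumptions, not FortiVoice code."""
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    """Authenticated session principal (assumed shape)."""
    user_id: int
    is_admin: bool = False


# Constructed sample store: one SIP configuration per user id.
SIP_CONFIGS = {
    1001: {"extension": "1001", "sip_user": "alice", "sip_secret": "<redacted-1001>"},
    1002: {"extension": "1002", "sip_user": "bob", "sip_secret": "<redacted-1002>"},
}


class Forbidden(Exception):
    """Raised when the caller is not authorized for the requested object."""


def get_sip_config_vulnerable(session_user: User, requested_id: int) -> dict:
    """Vulnerable pattern: the key comes straight from the request and is only
    checked for existence, so any authenticated user can read any record."""
    try:
        return SIP_CONFIGS[requested_id]
    except KeyError:
        raise LookupError(f"no SIP config for {requested_id}")


def get_sip_config_hardened(session_user: User, requested_id: int) -> dict:
    """Hardened pattern: the requested object must belong to the session user
    (or the session must be an administrator) before anything is returned.
    The ownership check precedes the existence check so a non-owner cannot
    learn which ids exist from the error type."""
    if requested_id != session_user.user_id and not session_user.is_admin:
        raise Forbidden(f"user {session_user.user_id} may not read config {requested_id}")
    try:
        return SIP_CONFIGS[requested_id]
    except KeyError:
        raise LookupError(f"no SIP config for {requested_id}")


def get_own_sip_config(session_user: User) -> dict:
    """Strongest pattern: derive the key from the authenticated session and
    never accept it from the request, removing the user-controlled key."""
    return SIP_CONFIGS[session_user.user_id]


def demo() -> dict:
    """Exercise each handler as a non-admin user asking for another user's record."""
    alice = User(1001)
    results = {}
    results["vulnerable_cross_user_read"] = get_sip_config_vulnerable(alice, 1002)["sip_user"]
    try:
        get_sip_config_hardened(alice, 1002)
        results["hardened_cross_user_read"] = "allowed"
    except Forbidden:
        results["hardened_cross_user_read"] = "denied"
    results["hardened_own_read"] = get_sip_config_hardened(alice, 1001)["sip_user"]
    results["session_derived_read"] = get_own_sip_config(alice)["sip_user"]
    return results


if __name__ == "__main__":
    print(demo())
```

The mitigation that matters is the ownership check, not the authentication check the vulnerable handler already relies on: being logged in says who the caller is, and the handler must still decide whether that caller may read the specific object the request names. Where an endpoint only ever serves the caller's own record, taking the key from the session rather than the request removes the bug class entirely.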


Internally discovered and reported by Hritik Sateesh from Fortinet's Burnaby Infosec team.


2024-05-14: Initial publication