CVEDB API

Vulnerabilities

Vulnerable Software

Fortinet: >> Fortiaiops Security Vulnerabilities

CVE-2024-27782

Multiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests.

CVSS Score

8.1

EPSS Score

0.007

Published

2024-07-09

CVE-2024-27783

Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests.

CVSS Score

7.6

EPSS Score

0.011

Published

2024-07-09

CVE-2024-27784

Multiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files.

CVSS Score

8.8

EPSS Score

0.006

Published

2024-07-09

CVE-2024-27785

An improper neutralization of formula elements in a CSV File [CWE-1236] vulnerability in Fortinet FortiAIOps 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports.

CVSS Score

5.4

EPSS Score

0.006

Published

2024-07-09

Page 1

Vulnerabilities

Vulnerable Software

Fortinet: >> Fortiaiops Security Vulnerabilities

Products

Pricing

Contact Us