CVE-2024-27782
- EPSS 0.74%
- Veröffentlicht 09.07.2024 16:15:05
- Zuletzt bearbeitet 09.01.2026 17:15:51
Multiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests.
CVE-2024-27783
- EPSS 1.06%
- Veröffentlicht 09.07.2024 16:15:05
- Zuletzt bearbeitet 09.01.2026 17:15:51
Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute...
CVE-2024-27784
- EPSS 0.59%
- Veröffentlicht 09.07.2024 16:15:05
- Zuletzt bearbeitet 09.01.2026 17:15:51
Multiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files.
CVE-2024-27785
- EPSS 0.64%
- Veröffentlicht 09.07.2024 16:15:05
- Zuletzt bearbeitet 09.01.2026 17:15:51
An improper neutralization of formula elements in a CSV File [CWE-1236] vulnerability in Fortinet FortiAIOps 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports.