Fortinet

Fortiaiops

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-27782

  • EPSS 0.55%
  • Veröffentlicht 09.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:05:02

Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests.

8.8

CVE-2024-27783

  • EPSS 0.78%
  • Veröffentlicht 09.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:05:02

Multiple cross-site request forgery (CSRF) vulnerabilities [CWE-352] in FortiAIOps version 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute maliciou...

6.5

CVE-2024-27784

  • EPSS 0.44%
  • Veröffentlicht 09.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:05:02

Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in FortiAIOps version 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files.

6.5

CVE-2024-27785

  • EPSS 0.64%
  • Veröffentlicht 09.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:05:03

An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in FortiAIOps version 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports.