VYPR

FortiAIOps

by Fortinet

CVEs (4)

  • CVE-2024-27782Jul 9, 2024
    risk 0.00cvss epss 0.01

    Multiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests.

  • CVE-2024-27784Jul 9, 2024
    risk 0.00cvss epss 0.01

    Multiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files.

  • CVE-2024-27785Jul 9, 2024
    risk 0.00cvss epss 0.00

    An improper neutralization of formula elements in a CSV File [CWE-1236] vulnerability in Fortinet FortiAIOps 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports.

  • CVE-2024-27783Jul 9, 2024
    risk 0.00cvss epss 0.00

    Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests.