2 matches found
CVE-2024-27782
Multiple insufficient session expiration weaknesses CWE-613 vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests...
CVE-2024-27784
Multiple Exposure of sensitive information to an unauthorized actor weaknesses CWE-200 vulnerability in Fortinet FortiAIOps 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files...