Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Fortiaiops Security Vulnerabilities

cve
cve

CVE-2024-27782

Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests.

9.8CVSS

7.2AI Score

0.001EPSS

2024-07-09 04:15 PM
27
cve
cve

CVE-2024-27783

Multiple cross-site request forgery (CSRF) vulnerabilities [CWE-352] in FortiAIOps version 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests.

8.8CVSS

7.9AI Score

0.001EPSS

2024-07-09 04:15 PM
28
cve
cve

CVE-2024-27784

Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in FortiAIOps version 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files.

8.8CVSS

7AI Score

0.0005EPSS

2024-07-09 04:15 PM
33
cve
cve

CVE-2024-27785

An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in FortiAIOps version 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports.

6.5CVSS

7.8AI Score

0.0004EPSS

2024-07-09 04:15 PM
25