Vulnerabilities > Fortinet > Fortiaiops
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-27782 | Insufficient Session Expiration vulnerability in Fortinet Fortiaiops 2.0.0 Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests. | 9.8 |
| 2024-07-09 | CVE-2024-27783 | Cross-Site Request Forgery (CSRF) vulnerability in Fortinet Fortiaiops 2.0.0 Multiple cross-site request forgery (CSRF) vulnerabilities [CWE-352] in FortiAIOps version 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests. | 8.8 |
| 2024-07-09 | CVE-2024-27784 | Information Exposure Through Log Files vulnerability in Fortinet Fortiaiops 2.0.0 Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in FortiAIOps version 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files. | 6.5 |
| 2024-07-09 | CVE-2024-27785 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Fortinet Fortiaiops 2.0.0 An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in FortiAIOps version 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports. | 6.5 |