Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
不充分的会话过期机制
Vulnerability Title
Fortinet FortiAIOps 代码问题漏洞
Vulnerability Description
Fortinet FortiAIOps是美国飞塔(Fortinet)公司的一款结合人工智能与机器学习 (AI/ML) 的 Fortinet 网络配套解决方案。 Fortinet FortiAIOps 2.0.0版本存在代码问题漏洞,该漏洞源于存在多个会话过期不足漏洞,可能允许攻击者重新使用被盗的旧会话令牌通过精心设计的请求执行未经授权的操作。
CVSS Information
N/A
Vulnerability Type
N/A