Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Fortinet FortiAIOps 跨站请求伪造漏洞
Vulnerability Description
Fortinet FortiAIOps是美国飞塔(Fortinet)公司的一款结合人工智能与机器学习 (AI/ML) 的 Fortinet 网络配套解决方案。 Fortinet FortiAIOps 2.0.0版本存在跨站请求伪造漏洞,该漏洞源于存在多个跨站请求伪造(CSRF)漏洞,可能允许未经身份验证的远程攻击者通过诱骗受害者执行恶意GET请求,代表经过身份验证的用户执行任意操作。
CVSS Information
N/A
Vulnerability Type
N/A