Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
Fortinet FortiAIOps 日志信息泄露漏洞
Vulnerability Description
Fortinet FortiAIOps是美国飞塔(Fortinet)公司的一款结合人工智能与机器学习 (AI/ML) 的 Fortinet 网络配套解决方案。 Fortinet FortiAIOps 2.0.0版本存在日志信息泄露漏洞,该漏洞源于存在多个向未经授权的行为者暴露敏感信息的漏洞,可能允许经过身份验证的远程攻击者从API端点或日志文件中检索敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A