Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-27785 | 1 Fortinet | 1 Fortiaiops | 2026-01-09 | N/A | 5.4 MEDIUM |
| An improper neutralization of formula elements in a CSV File [CWE-1236] vulnerability in Fortinet FortiAIOps 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports. | |||||
| CVE-2024-27784 | 1 Fortinet | 1 Fortiaiops | 2026-01-09 | N/A | 8.8 HIGH |
| Multiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files. | |||||
| CVE-2024-27783 | 1 Fortinet | 1 Fortiaiops | 2026-01-09 | N/A | 7.6 HIGH |
| Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests. | |||||
| CVE-2024-27782 | 1 Fortinet | 1 Fortiaiops | 2026-01-09 | N/A | 8.1 HIGH |
| Multiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests. | |||||