Insufficient Session Expiration in Fortinet FortiEDR Products
CVE-2023-33303
7.7HIGH
What is CVE-2023-33303?
An insufficient session expiration vulnerability exists in Fortinet's FortiEDR versions 5.0.0 through 5.0.1. This weakness allows attackers to exploit the system by executing unauthorized code or commands through crafted API requests. Organizations using these affected versions should take immediate action to mitigate the risk, ensuring that proper session management practices are implemented to safeguard against potential exploits.
Affected Version(s)
FortiEDR 5.0.0 <= 5.0.1