Insufficient Session Expiration in FortiAIOps by Fortinet
CVE-2024-27782

7.7HIGH

Key Information:

Vendor: Fortinet
Status: Fortiaiops
Vendor: CVE Published:; 9 July 2024

What is CVE-2024-27782?

The insufficient session expiration vulnerabilities present in FortiAIOps version 2.0.0 expose users to significant security risks. Attackers may exploit these vulnerabilities by reusing compromised session tokens to execute unauthorized operations through specially crafted requests. This can lead to a wide range of adverse impacts on sensitive data and operational integrity. It is crucial for organizations utilizing FortiAIOps to apply necessary updates and implement safeguards to mitigate these vulnerabilities effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FortiAIOps 2.0.0

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-069

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 9, 2024

JSON

Fortinet

What is CVE-2024-27782?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.