Executive Risk Summary
"A vulnerability in Fortinet FortiAIOps 2.0.0 allows an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests, potentially leading to unauthorized access and data breaches. This vulnerability is classified as a critical risk due to the potential for significant data integrity and confidentiality impacts."
Operational Audit Arsenal
Manual Verification Required
This is a non-Windows asset (Fortinet). Use the target asset details above to verify your version against vendor advisories.
Patch Impact Forecast
Moderate
Internal Work Notes
Technical Intelligence & Operational Utilities • Delivered Weekly
Intelligence Sources
Scope of Impact
Original NVD Description
"Multiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests."