cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-27782,https://securityvulnerability.io/vulnerability/CVE-2024-27782,Insufficient Session Expiration in FortiAIOps by Fortinet,The insufficient session expiration vulnerabilities present in FortiAIOps version 2.0.0 expose users to significant security risks. Attackers may exploit these vulnerabilities by reusing compromised session tokens to execute unauthorized operations through specially crafted requests. This can lead to a wide range of adverse impacts on sensitive data and operational integrity. It is crucial for organizations utilizing FortiAIOps to apply necessary updates and implement safeguards to mitigate these vulnerabilities effectively.,Fortinet,Fortiaiops,9.8,CRITICAL,0.000910000002477318,false,false,false,false,,false,false,2024-07-09T16:15:00.000Z,0
CVE-2024-27783,https://securityvulnerability.io/vulnerability/CVE-2024-27783,Cross-Site Request Forgery Vulnerabilities in FortiAIOps by Fortinet,"FortiAIOps version 2.0.0 contains multiple cross-site request forgery (CSRF) vulnerabilities, identified as CWE-352. These vulnerabilities can be exploited by unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users. The exploitation involves tricking victims into executing crafted GET requests, potentially leading to unwanted changes in their user account settings or unauthorized access to sensitive functionalities.",Fortinet,Fortiaiops,8.8,HIGH,0.0005799999926239252,false,false,false,false,,false,false,2024-07-09T16:15:00.000Z,0
CVE-2024-27784,https://securityvulnerability.io/vulnerability/CVE-2024-27784,Sensitive Information Exposure in Fortinet's FortiAIOps Product,"Fortinet's FortiAIOps version 2.0.0 is susceptible to vulnerabilities that may lead to the exposure of sensitive information to unauthorized actors. An authenticated remote attacker could exploit these weaknesses to retrieve confidential data from API endpoints or log files, posing a significant risk to data security and privacy.",Fortinet,Fortiaiops,6.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-07-09T16:15:00.000Z,0
CVE-2024-27785,https://securityvulnerability.io/vulnerability/CVE-2024-27785,Improper Neutralization of Formula Elements in FortiAIOps by Fortinet,"A vulnerability exists in FortiAIOps version 2.0.0, where an improper neutralization of formula elements in CSV files could potentially allow a remote authenticated attacker to execute arbitrary commands on a client's workstation through maliciously crafted CSV reports. This issue underscores the need for stringent input validation and sanitization when processing user-generated data in CSV format.",Fortinet,Fortiaiops,6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-07-09T16:15:00.000Z,0