CVE-2024-27783

high Fortinet
CVSS v3 Base Score
7.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
EPSS Score
1.1%
Exploitation probability in 30 days
Top 23% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Confidentiality
High
Integrity
Low
Availability
Low
Published: July 9, 2024 (673 days ago)
Last Modified: January 9, 2026
Vendor: Fortinet

Description

Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests.

CWE

CWE-352

Affected Products

fortinet fortiaiops

References

🔗 fortiguard.fortinet.com 🔗 fortiguard.fortinet.com