Количество 3
Количество 3
CVE-2024-50562
An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out.
GHSA-3vr5-764g-c3pw
An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out.
BDU:2025-12657
Уязвимость технологии SSL-VPN операционных систем FortiOS, позволяющая нарушителю обойти процесс аутентификации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-50562 An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out. | CVSS3: 4.8 | 0% Низкий | 8 месяцев назад |
| GHSA-3vr5-764g-c3pw An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out. | CVSS3: 4.8 | 0% Низкий | 8 месяцев назад |
 | BDU:2025-12657 Уязвимость технологии SSL-VPN операционных систем FortiOS, позволяющая нарушителю обойти процесс аутентификации | CVSS3: 4.8 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу