← Back to CVE List

CVE-2023-28001

Published: 2023-07-11T17:15Z
Last Modified: 2024-11-21T07:53Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via reusing the session of a deleted user in the REST API. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt