FortiOS – Existing websocket connection persists after deleting API admin
Discription
An insufficient session expiration [CWE-613] vulnerability in FortiOS REST API may allow an attacker to reuse the session of a deleted user, should the attacker manage to obtain the API token.Read More
References
Back to Main