FortiOS – Existing websocket connection persists after deleting API admin
Discription

An insufficient session expiration [CWE-613] vulnerability in FortiOS REST API may allow an attacker to reuse the session of a deleted user, should the attacker manage to obtain the API token.Read More

Back to Main

Subscribe for the latest news: