CVSSv3 Score: 2.6
A Direct Request (‘Forced Browsing’) [CWE-425] vulnerability in FortiAuthenticator logs may allow an authenticated attacker with at least sponsor permissions to read and download device logs via accessing specific endpoints.
Revised on 2025-12-09 00:00:00
