CVE-2024-50562EPSS p60.7%

CVE-2024-50562CVE-2024-50562

fortinet / fortisase

Description

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out.

Scoring

CVSS 4.8 ()
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS1.08% probability of exploitation · percentile 60.7% · 2026-06-18T12:00:27Z
Last modified2026-06-09

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-24471
CVE
CVE-2025-25248
CVE
CVE-2025-25250
CVE
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
CVE
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
CVE
CVE-2022-40684
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.