Existing websocket connection persists after deleting API admin Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-23-028 Final 1 1 2023-07-11T00:00:00 Current version 2023-07-11T00:00:00 2023-07-11T00:00:00 An insufficient session expiration [CWE-613] vulnerability in FortiOS REST API may allow an attacker to keep a secure websocket session active after user deletion.Workaround:Restrict hosts that can connect to the websocket to trusted ones only, with the trusted host feature. None Execute unauthorized code or commands Internally discovered and reported by Yi Liu of Fortinet Test team. FortiOS 7.2.4 FortiOS 7.2.3 FortiOS 7.2.2 FortiOS 7.2.1 FortiOS 7.2.0 FortiOS 7.0.12 FortiOS 7.0.11 FortiOS 7.0.10 FortiOS 7.0.9 FortiOS 7.0.8 FortiOS 7.0.7 FortiOS 7.0.6 FortiOS 7.0.5 FortiOS 7.0.4 FortiOS 7.0.3 FortiOS 7.0.2 FortiOS 7.0.1 FortiOS 7.0.0 CVE-2023-28001 FortiOS-7.2.4 FortiOS-7.2.3 FortiOS-7.2.2 FortiOS-7.2.1 FortiOS-7.2.0 FortiOS-7.0.12 FortiOS-7.0.11 FortiOS-7.0.10 FortiOS-7.0.9 FortiOS-7.0.8 FortiOS-7.0.7 FortiOS-7.0.6 FortiOS-7.0.5 FortiOS-7.0.4 FortiOS-7.0.3 FortiOS-7.0.2 FortiOS-7.0.1 FortiOS-7.0.0 4.1 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L/E:U/RL:X/RC:X https://fortiguard.fortinet.com/psirt/FG-IR-23-028 Existing websocket connection persists after deleting API admin Reference>