High
Fortinet FortiDDoS could allow a remote attacker to bypass security restrictions, caused by use of a hard-coded cryptographic key in the FortiDDoS API. An attacker could exploit this vulnerability to retrieve the key from one device and sign JWT tokens for any device.
Fortinet
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.