Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
7DescriptionNVD
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow attacker to information disclosure via <insert attack vector here>
AnalysisAI
Fortinet FortiSOAR transmits sensitive information in cleartext over the network, allowing authenticated remote attackers to disclose confidential data. The vulnerability affects both PaaS and on-premise deployments across versions 7.3 through 7.6.x, with CVSS 6.5 reflecting moderate confidentiality impact requiring low-privilege authentication. No public exploit code or active exploitation has been confirmed at time of analysis.
Technical ContextAI
The vulnerability is rooted in CWE-319 (Cleartext Transmission of Sensitive Information), a protocol-level flaw where FortiSOAR fails to encrypt sensitive data in transit. Rather than protecting information via TLS/SSL or equivalent cryptographic channels, the application transmits credentials, API tokens, or other confidential payloads over unencrypted HTTP or similar cleartext protocols. Attackers with network-level access (or positioned on the same network as a FortiSOAR instance) can passively eavesdrop on authenticated sessions to intercept these materials. The vulnerability affects both the managed PaaS offering (Fortinet-hosted multi-tenant) and on-premise self-hosted deployments across multiple minor versions.
RemediationAI
Organizations must upgrade to patched versions: FortiSOAR on-premise to 7.3.4 or later, 7.5.2 or later, or 7.6.3 or later (depending on current version); FortiSOAR PaaS customers should verify patch application through Fortinet's managed deployment. As an interim mitigation pending patches, restrict network access to FortiSOAR instances using firewall rules or VPN-only access, enforce TLS/SSL at the reverse proxy layer if available, and review authentication logs for signs of credential misuse. Consult Fortinet advisory FG-IR-26-106 for version-specific patch availability and workaround details.
More in Fortisoar On Premise
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22319
GHSA-wwhp-g3gj-wh3p