Skip to main content

Fortisoar On Premise CVE-2026-22155

| EUVDEUVD-2026-22319 HIGH
Cleartext Transmission of Sensitive Information (CWE-319)
2026-04-14 fortinet GHSA-wwhp-g3gj-wh3p
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

7
Severity Changed
Jul 08, 2026 - 13:22 NVD
MEDIUM HIGH
CVSS changed
Jul 08, 2026 - 13:22 NVD
6.5 (MEDIUM) 7.5 (HIGH)
Analysis Generated
Apr 14, 2026 - 17:05 vuln.today
CVSS changed
Apr 14, 2026 - 16:22 NVD
6.2 (MEDIUM) 6.5 (MEDIUM)
EUVD ID Assigned
Apr 14, 2026 - 16:00 euvd
EUVD-2026-22319
Analysis Generated
Apr 14, 2026 - 16:00 vuln.today
CVE Published
Apr 14, 2026 - 15:38 nvd
MEDIUM 6.5

DescriptionNVD

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow attacker to information disclosure via <insert attack vector here>

AnalysisAI

Fortinet FortiSOAR transmits sensitive information in cleartext over the network, allowing authenticated remote attackers to disclose confidential data. The vulnerability affects both PaaS and on-premise deployments across versions 7.3 through 7.6.x, with CVSS 6.5 reflecting moderate confidentiality impact requiring low-privilege authentication. No public exploit code or active exploitation has been confirmed at time of analysis.

Technical ContextAI

The vulnerability is rooted in CWE-319 (Cleartext Transmission of Sensitive Information), a protocol-level flaw where FortiSOAR fails to encrypt sensitive data in transit. Rather than protecting information via TLS/SSL or equivalent cryptographic channels, the application transmits credentials, API tokens, or other confidential payloads over unencrypted HTTP or similar cleartext protocols. Attackers with network-level access (or positioned on the same network as a FortiSOAR instance) can passively eavesdrop on authenticated sessions to intercept these materials. The vulnerability affects both the managed PaaS offering (Fortinet-hosted multi-tenant) and on-premise self-hosted deployments across multiple minor versions.

RemediationAI

Organizations must upgrade to patched versions: FortiSOAR on-premise to 7.3.4 or later, 7.5.2 or later, or 7.6.3 or later (depending on current version); FortiSOAR PaaS customers should verify patch application through Fortinet's managed deployment. As an interim mitigation pending patches, restrict network access to FortiSOAR instances using firewall rules or VPN-only access, enforce TLS/SSL at the reverse proxy layer if available, and review authentication logs for signs of credential misuse. Consult Fortinet advisory FG-IR-26-106 for version-specific patch availability and workaround details.

Share

CVE-2026-22155 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy