Fortisoar On Premise
Monthly
Fortinet FortiSOAR transmits sensitive information in cleartext over the network, allowing authenticated remote attackers to disclose confidential data. The vulnerability affects both PaaS and on-premise deployments across versions 7.3 through 7.6.x, with CVSS 6.5 reflecting moderate confidentiality impact requiring low-privilege authentication. No public exploit code or active exploitation has been confirmed at time of analysis.
Fortinet FortiSOAR (both PaaS and on-premise versions 7.3-7.6.x) transmits sensitive authentication credentials in cleartext in API responses for Secure Message Exchange and RADIUS configurations, allowing authenticated attackers with network access to intercept and view passwords. The vulnerability requires user interaction (UI:R) and prior authentication (PR:L), affecting confidentiality of stored credentials in these integrations with a CVSS score of 5.7.
Fortinet FortiSOAR transmits sensitive information in cleartext over the network, allowing authenticated remote attackers to disclose confidential data. The vulnerability affects both PaaS and on-premise deployments across versions 7.3 through 7.6.x, with CVSS 6.5 reflecting moderate confidentiality impact requiring low-privilege authentication. No public exploit code or active exploitation has been confirmed at time of analysis.
Fortinet FortiSOAR (both PaaS and on-premise versions 7.3-7.6.x) transmits sensitive authentication credentials in cleartext in API responses for Secure Message Exchange and RADIUS configurations, allowing authenticated attackers with network access to intercept and view passwords. The vulnerability requires user interaction (UI:R) and prior authentication (PR:L), affecting confidentiality of stored credentials in these integrations with a CVSS score of 5.7.