Skip to main content

Fortisoar Paas

2 CVEs product

Monthly

CVE-2026-22155 HIGH This Week

Fortinet FortiSOAR transmits sensitive information in cleartext over the network, allowing authenticated remote attackers to disclose confidential data. The vulnerability affects both PaaS and on-premise deployments across versions 7.3 through 7.6.x, with CVSS 6.5 reflecting moderate confidentiality impact requiring low-privilege authentication. No public exploit code or active exploitation has been confirmed at time of analysis.

Fortinet Information Disclosure Fortisoar On Premise Fortisoar Paas
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21742 MEDIUM This Month

Fortinet FortiSOAR (both PaaS and on-premise versions 7.3-7.6.x) transmits sensitive authentication credentials in cleartext in API responses for Secure Message Exchange and RADIUS configurations, allowing authenticated attackers with network access to intercept and view passwords. The vulnerability requires user interaction (UI:R) and prior authentication (PR:L), affecting confidentiality of stored credentials in these integrations with a CVSS score of 5.7.

Fortinet Information Disclosure Microsoft Fortisoar Paas Fortisoar On Premise
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH This Week

Fortinet FortiSOAR transmits sensitive information in cleartext over the network, allowing authenticated remote attackers to disclose confidential data. The vulnerability affects both PaaS and on-premise deployments across versions 7.3 through 7.6.x, with CVSS 6.5 reflecting moderate confidentiality impact requiring low-privilege authentication. No public exploit code or active exploitation has been confirmed at time of analysis.

Fortinet Information Disclosure Fortisoar On Premise +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Fortinet FortiSOAR (both PaaS and on-premise versions 7.3-7.6.x) transmits sensitive authentication credentials in cleartext in API responses for Secure Message Exchange and RADIUS configurations, allowing authenticated attackers with network access to intercept and view passwords. The vulnerability requires user interaction (UI:R) and prior authentication (PR:L), affecting confidentiality of stored credentials in these integrations with a CVSS score of 5.7.

Fortinet Information Disclosure Microsoft +2
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy