CVE-2026-22576 PUBLISHED

Assigner: fortinet
Reserved: 07.01.2026 Published: 14.04.2026 Updated: 14.04.2026

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to retrieve passwords for multiple installed connectors via server address modification in connector configuration.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
CVSS Score: 4.1

Product Status

Vendor Fortinet
Product FortiSOAR PaaS
Versions Default: unaffected
  • affected from 7.6.0 to 7.6.4 (incl.)
  • affected from 7.5.0 to 7.5.2 (incl.)
  • affected from 7.4.0 to 7.4.5 (incl.)
  • affected from 7.3.0 to 7.3.3 (incl.)
Vendor Fortinet
Product FortiSOAR on-premise
Versions Default: unaffected
  • affected from 7.6.0 to 7.6.4 (incl.)
  • affected from 7.5.0 to 7.5.2 (incl.)
  • affected from 7.4.0 to 7.4.5 (incl.)
  • affected from 7.3.0 to 7.3.3 (incl.)

Solutions

Upgrade to FortiSOAR on-premise version 7.6.5 or above Upgrade to upcoming FortiSOAR on-premise version 7.5.3 or above Upgrade to FortiSOAR PaaS version 7.6.5 or above Upgrade to upcoming FortiSOAR PaaS version 7.5.3 or above

References

Problem Types

  • Information disclosure CWE