CVE-2026-27316_CVE-2026-27316

2.5 / 10

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Description

A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection.

Basic Information

ID CVE-2026-27316

Source fortinet

Published Apr 14, 2026 at 15:38

Affected Product

Vendor Fortinet

Product FortiSandbox

Version 5.0.0

Affected Versions Fortinet FortiSandbox 5.0.0
Fortinet FortiSandbox 4.4.0
Fortinet FortiSandbox PaaS 23.4.4374
Fortinet FortiSandbox PaaS 23.4.4350
Fortinet FortiSandbox PaaS 23.3.4329
Fortinet FortiSandbox PaaS 23.1.4245
Fortinet FortiSandbox PaaS 22.2.4151
Fortinet FortiSandbox PaaS 22.2.4134
Fortinet FortiSandbox PaaS 22.1.4113
Fortinet FortiSandbox PaaS 21.4.4072
Fortinet FortiSandbox PaaS 21.3.4055
Fortinet FortiSandbox PaaS 5.0.1

CWE Classification

CWE-522

References

fortiguard.fortinet.com /psirt/FG-IR-26-113

{
    "lastseen": "",
    "description": "A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection.",
    "published": "2026-04-14T15:38:02.149Z",
    "modified": "2026-04-14T15:38:02.149Z",
    "type": "cve",
    "title": "CVE-2026-27316",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113",
    "id": "CVE-2026-27316",
    "bulletinFamily": "",
    "cwe": [
        "CWE-522"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiSandbox 5.0.0\nFortinet FortiSandbox 4.4.0\nFortinet FortiSandbox PaaS 23.4.4374\nFortinet FortiSandbox PaaS 23.4.4350\nFortinet FortiSandbox PaaS 23.3.4329\nFortinet FortiSandbox PaaS 23.1.4245\nFortinet FortiSandbox PaaS 22.2.4151\nFortinet FortiSandbox PaaS 22.2.4134\nFortinet FortiSandbox PaaS 22.1.4113\nFortinet FortiSandbox PaaS 21.4.4072\nFortinet FortiSandbox PaaS 21.3.4055\nFortinet FortiSandbox PaaS 5.0.1",
    "sourceHref": "",
    "cvss": {
        "score": 2.5,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiSandbox",
    "version": "5.0.0",
    "vendor": "Fortinet",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}