Fortinet FortiSOAR PaaS passwords can be accessed by unauthorized users

CVE-2026-22574
Summary

A weakness in how FortiSOAR PaaS and on-premise versions store passwords means that an authenticated attacker may be able to retrieve the service account password by modifying the server address in the LDAP configuration. This could allow them to gain unauthorized access to the system. Fortinet users should review their LDAP configuration and take steps to secure their passwords.

Original title
A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all...
Original description
A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to retrieve Service account password via server address modification in LDAP configuration.
NVD CVSS 3.1 score: 4.1
Vulnerability type
CWE-257
Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026