Fortinet FortiSOAR: Passwords Can Be Retrieved by Attackers
CVE-2026-22576
Summary
FortiSOAR, a security orchestration, automation, and response platform, stores connector passwords in a recoverable format. An authenticated remote attacker may be able to retrieve the passwords of multiple installed connectors by modifying the server address in a connector's configuration. Affected organizations should update to the latest version of FortiSOAR to fix this issue and protect sensitive passwords.
Original title
A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all...
Original description
A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to retrieve passwords for multiple installed connectors via server address modification in connector configuration.
NVD CVSS 3.1
4.3
Vulnerability type
CWE-257
Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026