Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
2.7
Fortinet FortiSandbox: Administrator Can Read LDAP Server Credentials
CVE-2026-27316
Summary
If an attacker has administrative access, they can view sensitive LDAP server login credentials. This could lead to unauthorized access to the LDAP server. Fortinet has released a patch to fix this issue, so it's essential to update FortiSandbox to the latest version.
Original title
A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed a...
Original description
A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection.
nvd CVSS3.1
2.7
Vulnerability type
CWE-522
Insufficiently Protected Credentials
Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026