CVE-2026-27316

EUVD-2026-22333
A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.7 LOW
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
Affected Products (NVD)
VendorProductVersion
fortinetfortisandbox
4.4.0 ≤
𝑥
< 5.0.6
fortinetfortisandbox_cloud
5.0.4
fortinetfortisandbox_cloud
5.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://fortiguard.fortinet.com/psirt/FG-IR-26-113