Fortinet FortiSOAR
cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*
- >= 7.6.0, <= 7.6.3
- >= 7.5.0, <= 7.5.2
- ~7.4
- ~7.3
A cleartext transmission of sensitive information vulnerability has been identified in Fortinet FortiSOAR. It affects FortiSOAR PaaS versions 7.6.0 through 7.6.3 and 7.5.0 through 7.5.2, and all versions of FortiSOAR PaaS 7.4 and 7.3. FortiSOAR on-premise versions 7.6.0 through 7.6.2, 7.5.0 through 7.5.1, and all versions of 7.4 and 7.3 are also affected. The flaw allows an authenticated attacker to intercept cleartext passwords in responses to Secure Message Exchange and RADIUS queries, when those features are configured to use these protocols.
Exploitation of this vulnerability could lead to unauthorized access to cleartext passwords, which could be misused to gain further access or privileges within the application or system.
Users can upgrade to FortiSOAR PaaS 7.6.4 or 7.5.3, depending on their current version; the same upgrade paths apply to FortiSOAR on-premise. Users on FortiSOAR PaaS 7.4 or 7.3, or FortiSOAR on-premise 7.4 or 7.3, should migrate to a fixed release.