Fortinet FortiSOAR Clear-Text Password Retrieval Vulnerability via LDAP Configuration Modification

Vulnerability

A vulnerability allowing passwords to be stored in a recoverable format has been identified in Fortinet FortiSOAR. It affects FortiSOAR PaaS versions 7.6.0 to 7.6.4, 7.5.0 to 7.5.2, and all 7.4 and 7.3 versions, as well as FortiSOAR on-premise versions 7.6.0 to 7.6.4, 7.5.0 to 7.5.2, and all 7.4 and 7.3 versions. The vulnerability may allow an authenticated remote attacker to retrieve service account passwords by modifying the server address in the LDAP configuration, since the stored credential can be recovered rather than being kept only as a non-reversible value.

Impact

Exploitation of this vulnerability could lead to unauthorized retrieval of service account passwords, allowing those accounts to be misused.

Remediation

Users on the 7.6 or 7.5 branches should upgrade to FortiSOAR 7.6.5 or 7.5.3 respectively; this applies to both PaaS and on-premise deployments. Users on FortiSOAR PaaS or on-premise versions 7.4 or 7.3 should migrate to a fixed release.

Added: Apr 14, 2026, 5:38 PM
Updated: Apr 14, 2026, 5:38 PM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 2.5
exploitability: 6.3
remediation: 7.7
relevance: 5.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these eight vulnerability categories, which are then combined to calculate the overall risk score.