CVE-2026-23708Improper Authentication in Fortinet Fortisoar On-premise

CWE-287Improper Authentication4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 81.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet Fortisoar On-premiseFortinet Fortisoar Paas
Timeline
PublishedApr 14

Description

A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration, which raises the attack complexity.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

CVEListV5fortinet/fortisoar_paas7.6.07.6.3+1
CVEListV5fortinet/fortisoar_on-premise7.6.07.6.3+1

🔴Vulnerability Details

2
CVEList
CVE-2026-23708: A improper authentication vulnerability in Fortinet FortiSOAR PaaS 72026-04-14
GHSA
GHSA-6p3p-h3vc-6rh5: A improper authentication vulnerability in Fortinet FortiSOAR PaaS 72026-04-14

📋Vendor Advisories

1
Fortinet
2FA request can be replayed without a valid token after one successful request2026-04-14
CVE-2026-23708 — Improper Authentication in Fortinet | cvebase