cbcvebase.
CVE-2026-27316
published 2026-04-14

CVE-2026-27316: A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1…

low2.7CVSS 3.1
AVNACLPRHUINSUCLINAN
A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection.

Affected

17 ranges
VendorProductVersion rangeFixed in
fortinetfortinet
fortinetfortisandbox
fortinetfortisandbox>= 4.4.0 < 5.0.65.0.6
fortinetfortisandbox4.4.0 – 4.4.9
fortinetfortisandbox5.0.0 – 5.0.5
fortinetfortisandbox_cloud
fortinetfortisandbox_cloud
fortinetfortisandbox_paas
fortinetfortisandbox_paas
fortinetfortisandbox_paas
fortinetfortisandbox_paas
fortinetfortisandbox_paas
fortinetfortisandbox_paas
fortinetfortisandbox_paas
fortinetfortisandbox_paas
fortinetfortisandbox_paas
fortinetfortisandbox_paas5.0.1 – 5.0.5