{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27316", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2026-02-19T09:02:02.381Z", "datePublished": "2026-04-14T15:38:02.149Z", "dateUpdated": "2026-04-14T16:46:17.486Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiSandbox", "cpes": ["cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "5.0.0", "lessThanOrEqual": "5.0.5", "status": "affected"}, {"versionType": "semver", "version": "4.4.0", "lessThanOrEqual": "4.4.9", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiSandbox PaaS", "cpes": ["cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "23.4.4374", "status": "affected"}, {"version": "23.4.4350", "status": "affected"}, {"version": "23.3.4329", "status": "affected"}, {"version": "23.1.4245", "status": "affected"}, {"version": "22.2.4151", "status": "affected"}, {"version": "22.2.4134", "status": "affected"}, {"version": "22.1.4113", "status": "affected"}, {"version": "21.4.4072", "status": "affected"}, {"version": "21.3.4055", "status": "affected"}, {"versionType": "semver", "version": "5.0.1", "lessThanOrEqual": "5.0.5", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-04-14T15:38:02.149Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-522", "description": "Information disclosure", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C"}}], "solutions": [{"lang": "en", "value": "Upgrade to upcoming FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27316", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T16:29:34.942295Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:46:17.486Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27316", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T16:29:34.942295Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:37:36.752Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiSandbox", "versions": [{"status": "affected", "version": "5.0.0", "versionType": "semver", "lessThanOrEqual": "5.0.5"}, {"status": "affected", "version": "4.4.0", "versionType": "semver", "lessThanOrEqual": "4.4.9"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiSandbox PaaS", "versions": [{"status": "affected", "version": "23.4.4374"}, {"status": "affected", "version": "23.4.4350"}, {"status": "affected", "version": "23.3.4329"}, {"status": "affected", "version": "23.1.4245"}, {"status": "affected", "version": "22.2.4151"}, {"status": "affected", "version": "22.2.4134"}, {"status": "affected", "version": "22.1.4113"}, {"status": "affected", "version": "21.4.4072"}, {"status": "affected", "version": "21.3.4055"}, {"status": "affected", "version": "5.0.1", "versionType": "semver", "lessThanOrEqual": "5.0.5"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to upcoming FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113"}], "descriptions": [{"lang": "en", "value": "A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-522", "description": "Information disclosure"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-04-14T15:38:02.149Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27316", "state": "PUBLISHED", "dateUpdated": "2026-04-14T16:46:17.486Z", "dateReserved": "2026-02-19T09:02:02.381Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2026-04-14T15:38:02.149Z", "assignerShortName": "fortinet"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "69DCB6D2-21D3-4EE8-9A81-5DA8292EFB28", "versionEndExcluding": "5.0.6", "versionStartIncluding": "4.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisandbox_cloud:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E5E86B19-95E8-4107-85DC-EFE47225418C", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortisandbox_cloud:5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FDAB696D-20A1-4C1A-8DD6-FDECD560AC9C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection."}], "id": "CVE-2026-27316", "lastModified": "2026-04-22T18:54:01.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2026-04-14T16:16:37.863", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "psirt@fortinet.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.0.0,5.0.5]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.4.0,4.4.9]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "FortiSandbox", "source": "cna", "vendor": "Fortinet"}, "product": "fortisandbox", "vendor": "fortinet"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "23.4.4374"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "23.4.4350"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "23.3.4329"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "23.1.4245"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "22.2.4151"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "22.2.4134"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "22.1.4113"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "21.4.4072"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "21.3.4055"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.0.1,5.0.5]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "FortiSandbox PaaS", "source": "cna", "vendor": "Fortinet"}, "product": "fortisandbox_paas", "vendor": "fortinet"}], "analysis": {"en": {"generated_at": "2026-04-14T18:14:02.064696+00:00", "value": {"mitigation_remediation": ["Upgrade FortiSandbox to version 5.2.0 or newer as available.", "If running FortiSandbox 5.0.x, upgrade to 5.0.6 or newer.", "If running FortiSandbox PaaS 5.0.x, upgrade to 5.0.6 or newer."], "summary": {"action": "Immediate Patch", "impact": "Credential Disclosure"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Fortinet FortiSandbox versions 4.4.x, 5.0.0 through 5.0.5, and FortiSandbox PaaS versions 5.0.1 through 5.0.5. These are all releases listed by Fortinet, ranging from on\u2011premises appliances to cloud\u2011based PaaS deployments.", "description_and_impact": "The vulnerability arises from insufficient protection of credentials used by Fortinet FortiSandbox. An authenticated administrator can exploit client\u2011side inspection to view the LDAP server credentials that the sandbox accesses. This disclosure can expose privileged secrets, enabling further internal attacks or privilege escalation. The weakness corresponds to CWE\u2011522, Credential Exposure.", "risk_and_exploitability": "The CVSS score is 2.5, classification as low severity, and the vulnerability is not currently listed in CISA\u2019s KEV catalog. Exploit probability data is not available. Exploitation requires an authenticated administrator and relies on client\u2011side inspection of LDAP credentials, implying that only users with privileged access could exploit this. Consequently, the risk of widespread exploitation is limited, but internal attackers possessing administrative rights remain at risk."}}}}, "created": "2026-04-15T15:30:06.827292+00:00", "title": "Insufficiently Protected Credentials Expose LDAP Server Secrets", "updated": "2026-04-15T21:02:59.981447+00:00", "vendors": ["fortinet", "fortinet$PRODUCT$fortisandbox", "fortinet$PRODUCT$fortisandbox_paas"]}