{"api_version":"1","generated_at":"2026-04-23T05:59:07+00:00","cve":"CVE-2026-27316","urls":{"html":"https://cve.report/CVE-2026-27316","api":"https://cve.report/api/cve/CVE-2026-27316.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-27316","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-27316"},"summary":{"title":"CVE-2026-27316","description":"An insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticated administrator to read LDAP server credentials via client-side inspection.","state":"PUBLISHED","assigner":"fortinet","published_at":"2026-04-14 16:16:37","updated_at":"2026-04-22 18:54:01"},"problem_types":["CWE-522","CWE-522 Information disclosure"],"metrics":[{"version":"3.1","source":"psirt@fortinet.com","type":"Secondary","score":"2.7","severity":"LOW","vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"2.5","severity":"LOW","vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":2.5,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C","version":"3.1"}}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-113","name":"https://fortiguard.fortinet.com/psirt/FG-IR-26-113","refsource":"psirt@fortinet.com","tags":
["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-27316","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27316","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox","version":"affected 5.0.0 5.0.5 semver","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox","version":"affected 4.4.0 4.4.9 semver","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 23.4.4374","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 23.4.4350","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 23.3.4329","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 23.1.4245","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 22.2.4151","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 22.2.4134","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 22.1.4113","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 21.4.4072","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 21.3.4055","platforms":[]},{"source":"CNA","vendor":"Fortinet","product":"FortiSandbox PaaS","version":"affected 5.0.1 5.0.5 semver","platforms":[]}],"timeline":[],"solutions":[{"source":"CNA","title":"","value":"Upgrade to upcoming  FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or 
above","time":"","lang":"en"}],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"27316","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fortinet","cpe5":"fortisandbox","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"27316","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fortinet","cpe5":"fortisandbox_cloud","cpe6":"5.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"27316","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fortinet","cpe5":"fortisandbox_cloud","cpe6":"5.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"27316","cve":"CVE-2026-27316","epss":"0.000330000","percentile":"0.094970000","score_date":"2026-04-22","updated_at":"2026-04-23 00:03:15"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-27316","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-04-14T16:29:34.942295Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-14T16:46:17.486Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP 
Vulnrichment"}],"cna":{"affected":[{"cpes":["cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"FortiSandbox","vendor":"Fortinet","versions":[{"lessThanOrEqual":"5.0.5","status":"affected","version":"5.0.0","versionType":"semver"},{"lessThanOrEqual":"4.4.9","status":"affected","version":"4.4.0","versionType":"semver"}]},{"cpes":["cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortis
andboxpaas:5.0.1:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"FortiSandbox PaaS","vendor":"Fortinet","versions":[{"status":"affected","version":"23.4.4374"},{"status":"affected","version":"23.4.4350"},{"status":"affected","version":"23.3.4329"},{"status":"affected","version":"23.1.4245"},{"status":"affected","version":"22.2.4151"},{"status":"affected","version":"22.2.4134"},{"status":"affected","version":"22.1.4113"},{"status":"affected","version":"21.4.4072"},{"status":"affected","version":"21.3.4055"},{"lessThanOrEqual":"5.0.5","status":"affected","version":"5.0.1","versionType":"semver"}]}],"descriptions":[{"lang":"en","value":"An insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticated administrator to read LDAP server credentials via client-side inspection."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":2.5,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-522","description":"Information disclosure","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-14T15:38:02.149Z","orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet"},"references":[{"name":"https://fortiguard.fortinet.com/psirt/FG-IR-26-113","url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-113"}],"solutions":[{"lang":"en","value":"Upgrade to upcoming  FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or 
above"}]}},"cveMetadata":{"assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","assignerShortName":"fortinet","cveId":"CVE-2026-27316","datePublished":"2026-04-14T15:38:02.149Z","dateReserved":"2026-02-19T09:02:02.381Z","dateUpdated":"2026-04-14T16:46:17.486Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-14 16:16:37","lastModifiedDate":"2026-04-22 18:54:01","problem_types":["CWE-522","CWE-522 Information disclosure"],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"5.0.6","matchCriteriaId":"69DCB6D2-21D3-4EE8-9A81-5DA8292EFB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox_cloud:5.0.4:*:*:*:*:*:*:*","matchCriteriaId":"E5E86B19-95E8-4107-85DC-EFE47225418C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox_cloud:5.0.5:*:*:*:*:*:*:*","matchCriteriaId":"FDAB696D-20A1-4C1A-8DD6-FDECD560AC9C"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"27316","Ordinal":"1","Title":"CVE-2026-27316","CVE":"CVE-2026-27316","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"27316","Ordinal":"1","NoteData":"An insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticated administrator to read LDAP server credentials via client-side 
inspection.","Type":"Description","Title":"CVE-2026-27316"}]}}}