Description

An improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, and FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication by replaying a captured 2FA request. The attack requires the ability to intercept and decrypt authentication traffic, and precise timing to replay the request before the token expires, which raises the attack complexity.

PUBLISHED | Reserved 2026-01-15 | Published 2026-04-14 | Updated 2026-04-15 | Assigner fortinet




MEDIUM: 6.7 | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Problem types

Escalation of privilege

Product status

Default status: unaffected
7.6.0 (semver): affected
7.5.0 (semver): affected

Default status: unaffected
7.6.0 (semver): affected
7.5.0 (semver): affected

References

fortiguard.fortinet.com/psirt/FG-IR-26-101

cve.org (CVE-2026-23708)

nvd.nist.gov (CVE-2026-23708)