VYPR
Unrated severityNVD Advisory· Published Mar 10, 2026· Updated Mar 10, 2026

CVE-2025-55717

CVE-2025-55717

Description

A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all versions, FortiRecorder 6.4 all versions, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6 may allow an authenticated malicious administrator to obtain user's secrets via CLI commands. Practical exploitability is limited by conditions out of the control of the attacker: An admin must log in to the targeted device.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Fortinet/Fortimailv52 versions
    cpe:2.3:a:fortinet:fortimail:7.6.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortimail:7.6.2:*:*:*:*:*:*:*range: 7.6.0
    • (no CPE)range: 7.0.0-7.0.8, 7.2.0-7.2.7, 7.4.0-7.4.4, 7.6.0-7.6.2
  • Fortinet/FortiRecordercpe-rescue2 versions
    cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:*range: 7.2.0
    • (no CPE)range: 6.4 all versions, 7.0 all versions, 7.2.0-7.2.3
  • Fortinet/Fortivoicev52 versions
    cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*range: 7.2.0
    • (no CPE)range: 7.0.0-7.0.6, 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.