Unrated severityNVD Advisory· Published Mar 10, 2026· Updated Mar 10, 2026
CVE-2025-55717
CVE-2025-55717
Description
A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all versions, FortiRecorder 6.4 all versions, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6 may allow an authenticated malicious administrator to obtain user's secrets via CLI commands. Practical exploitability is limited by conditions out of the control of the attacker: An admin must log in to the targeted device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:fortinet:fortirecorder:7.2.3:*:*:*:*:*:*:*range: 7.2.0
- (no CPE)range: 6.4 all versions, 7.0 all versions, 7.2.0-7.2.3
cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*range: 7.2.0
- (no CPE)range: 7.0.0-7.0.6, 7.2.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.