CVE-2024-32122: Information disclosure in Fortinet FortiOS
A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server.
AI Analysis
Technical Summary
This vulnerability in Fortinet FortiOS allows an attacker with high privileges to cause information disclosure by modifying the LDAP server IP address to redirect to a malicious server. The root cause is that passwords are stored in a recoverable format in affected versions, including FortiOS 6.4 all versions, 7.0 all versions, 7.2 all versions, and 7.4.0 through 7.4.8. The CVSS 3.1 base score is 2.1, reflecting low severity, with an attack vector requiring local access and high privileges. The vendor has assigned a remediation level of workaround, indicating no official patch is currently available.
Potential Impact
An attacker with high privileges on the system can modify the LDAP server IP configuration to redirect authentication requests to a malicious server, potentially exposing stored passwords that are kept in a recoverable format. The impact is limited to information disclosure with no integrity or availability impact. The low CVSS score reflects the limited scope and required privileges for exploitation.
Mitigation Recommendations
The vendor has assigned a remediation level of workaround, indicating no official patch is currently available. Users should apply any recommended configuration workarounds provided by Fortinet to mitigate the risk. Monitoring and restricting administrative access to prevent unauthorized modification of LDAP server settings is advised. Patch status is not yet confirmed — check the Fortinet advisory for current remediation guidance.
CVE-2024-32122: Information disclosure in Fortinet FortiOS
Description
A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server.
CVSS v3.1
Score 2.1low
Affected software
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in Fortinet FortiOS allows an attacker with high privileges to cause information disclosure by modifying the LDAP server IP address to redirect to a malicious server. The root cause is that passwords are stored in a recoverable format in affected versions, including FortiOS 6.4 all versions, 7.0 all versions, 7.2 all versions, and 7.4.0 through 7.4.8. The CVSS 3.1 base score is 2.1, reflecting low severity, with an attack vector requiring local access and high privileges. The vendor has assigned a remediation level of workaround, indicating no official patch is currently available.
Potential Impact
An attacker with high privileges on the system can modify the LDAP server IP configuration to redirect authentication requests to a malicious server, potentially exposing stored passwords that are kept in a recoverable format. The impact is limited to information disclosure with no integrity or availability impact. The low CVSS score reflects the limited scope and required privileges for exploitation.
Mitigation Recommendations
The vendor has assigned a remediation level of workaround, indicating no official patch is currently available. Users should apply any recommended configuration workarounds provided by Fortinet to mitigate the risk. Monitoring and restricting administrative access to prevent unauthorized modification of LDAP server settings is advised. Patch status is not yet confirmed — check the Fortinet advisory for current remediation guidance.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- fortinet
- Date Reserved
- 2024-04-11T12:09:46.571Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- workaround
Threat ID: 691ca899209f2030fa01698b
Added to database: 11/18/2025, 17:10:49 UTC
Last enriched: 06/09/2026, 10:30:51 UTC
Last updated: 07/08/2026, 10:28:13 UTC
Views: 305
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.