{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T15:04:11.956","vulnerabilities":[{"cve":{"id":"CVE-2025-55717","sourceIdentifier":"psirt@fortinet.com","published":"2026-03-10T18:17:58.543","lastModified":"2026-03-12T20:39:40.843","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all versions, FortiRecorder 6.4 all versions, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6 may allow an authenticated malicious administrator to obtain user's secrets via CLI commands. Practical exploitability is limited by conditions out of the control of the attacker: An admin must log in to the targeted device."},{"lang":"es","value":"Una vulnerabilidad de almacenamiento de información sensible en texto claro [CWE-312] vulnerabilidad en Fortinet FortiMail 7.6.0 hasta 7.6.2, FortiMail 7.4.0 hasta 7.4.4, FortiMail 7.2.0 hasta 7.2.7, FortiMail 7.0.0 hasta 7.0.8, FortiRecorder 7.2.0 hasta 7.2.3, FortiRecorder 7.0 todas las versiones, FortiRecorder 6.4 todas las versiones, FortiVoice 7.2.0, FortiVoice 7.0.0 hasta 7.0.6 puede permitir a un administrador malicioso autenticado obtener los secretos del usuario a través de comandos CLI. La explotabilidad práctica está limitada por condiciones fuera del control del atacante: Un administrador debe iniciar sesión en el dispositivo objetivo."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.3,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.3,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.7","matchCriteriaId":"58472BB4-2426-44B5-8D17-9C984EA567EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"76B48D4B-338A-4CEB-8712-6D880FF0F034"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.2.4","matchCriteriaId":"858BA90E-F4C0-44D3-B453-FBCAC8848BAB"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.9","matchCriteriaId":"F05ACB93-42BC-43CD-845F-35FA9FE1D92D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.8","matchCriteriaId":"8395970D-F937-4D1C-9FE1-90348F33FA94"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.5","matchCriteriaId":"3A40DE6A-D852-4B7E-BA67-B5DBBB3D427C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.3","matchCriteriaId":"F2F1655C-A21F-4FD3-875C-4E1DD8A7E178"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-080","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}