Published: 08/04/2025 Updated: 08/04/2025

Information Disclosure Vulnerability in Fortinet FortiOS 7.2.0-7.2.1 via LDAP Server Modification

A storing passwords in a recoverable format in Fortinet FortiOS versions 7.2.0 up to and including 7.2.1 allows malicious user to information disclosure via modification of LDAP server IP to point to a malicious server.

Please upgrade to FortiOS version 7.6.0 or above

Vulnerable Product	Search on Vulmon	Subscribe to Product
fortinet fortios 7.4.7
fortinet fortios 7.4.6
fortinet fortios 7.4.5
fortinet fortios 7.4.4
fortinet fortios 7.4.3
fortinet fortios 7.4.2
fortinet fortios 7.4.1
fortinet fortios 7.4.0
fortinet fortios 7.2.11
fortinet fortios 7.2.10
fortinet fortios 7.2.9
fortinet fortios 7.2.8
fortinet fortios 7.2.7
fortinet fortios 7.2.6
fortinet fortios 7.2.5
fortinet fortios 7.2.4
fortinet fortios 7.2.3
fortinet fortios 7.2.2
fortinet fortios 7.2.1
fortinet fortios 7.2.0
fortinet fortios 7.0.17
fortinet fortios 7.0.16
fortinet fortios 7.0.15
fortinet fortios 7.0.14
fortinet fortios 7.0.13
fortinet fortios 7.0.12
fortinet fortios 7.0.11
fortinet fortios 7.0.10
fortinet fortios 7.0.9
fortinet fortios 7.0.8
fortinet fortios 7.0.7
fortinet fortios 7.0.6
fortinet fortios 7.0.5
fortinet fortios 7.0.4
fortinet fortios 7.0.3
fortinet fortios 7.0.2
fortinet fortios 7.0.1
fortinet fortios 7.0.0
fortinet fortios 6.4.16
fortinet fortios 6.4.15
fortinet fortios 6.4.14
fortinet fortios 6.4.13
fortinet fortios 6.4.12
fortinet fortios 6.4.11
fortinet fortios 6.4.10
fortinet fortios 6.4.9
fortinet fortios 6.4.8
fortinet fortios 6.4.7
fortinet fortios 6.4.6
fortinet fortios 6.4.5
fortinet fortios 6.4.4
fortinet fortios 6.4.3
fortinet fortios 6.4.2
fortinet fortios 6.4.1
fortinet fortios 6.4.0
fortinet fortios

CWE-257 https://nvd.nist.gov https://www.first.org/epss https://fortiguard.fortinet.com/psirt/FG-IR-24-111

CVE-2024-32122

Vulnerability Summary

Solution

References

Vulmon Search

About

Products

Connect