← Home

Improper access control on API endpoints

CVEs

CVECVSSCWEExploitation
CVE-2026-44277 9.1 CWE-284: Improper Access Control Not observed in the wild

Affected Products

ProductAffected versionsFixed version
FortiAuthenticator 8.0.2 Not specified by vendor
FortiAuthenticator 8.0.0 Not specified by vendor
FortiAuthenticator 6.6.8 Not specified by vendor
FortiAuthenticator 6.6.7 Not specified by vendor
FortiAuthenticator 6.6.6 Not specified by vendor
FortiAuthenticator 6.6.5 Not specified by vendor
FortiAuthenticator 6.6.4 Not specified by vendor
FortiAuthenticator 6.6.3 Not specified by vendor
FortiAuthenticator 6.6.2 Not specified by vendor
FortiAuthenticator 6.6.1 Not specified by vendor
FortiAuthenticator 6.6.0 Not specified by vendor
FortiAuthenticator 6.5.6 Not specified by vendor
FortiAuthenticator 6.5.5 Not specified by vendor
FortiAuthenticator 6.5.4 Not specified by vendor
FortiAuthenticator 6.5.3 Not specified by vendor
FortiAuthenticator 6.5.2 Not specified by vendor
FortiAuthenticator 6.5.1 Not specified by vendor
FortiAuthenticator 6.5.0 Not specified by vendor
FortiAuthenticator 6.4.10 Not specified by vendor
FortiAuthenticator 6.4.9 Not specified by vendor
FortiAuthenticator 6.4.8 Not specified by vendor
FortiAuthenticator 6.4.7 Not specified by vendor
FortiAuthenticator 6.4.6 Not specified by vendor
FortiAuthenticator 6.4.5 Not specified by vendor
FortiAuthenticator 6.4.4 Not specified by vendor
FortiAuthenticator 6.4.3 Not specified by vendor
FortiAuthenticator 6.4.2 Not specified by vendor
FortiAuthenticator 6.4.1 Not specified by vendor
FortiAuthenticator 6.4.0 Not specified by vendor