Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-09 | CVE-2021-28913 | Missing Authentication for Critical Function vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. | 10.0 |
| 2021-09-09 | CVE-2021-38540 | Missing Authentication for Critical Function vulnerability in Apache Airflow The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. | 7.5 |
| 2021-09-07 | CVE-2021-32800 | Missing Authentication for Critical Function vulnerability in Nextcloud Nextcloud server is an open source, self hosted personal cloud. | 6.4 |
| 2021-08-25 | CVE-2021-33882 | Missing Authentication for Critical Function vulnerability in Bbraun Spacecom2 A Missing Authentication for Critical Function vulnerability in B. | 5.0 |
| 2021-08-19 | CVE-2021-31868 | Missing Authentication for Critical Function vulnerability in Rapid7 Nexpose Rapid7 Nexpose version 6.6.95 and earlier allows authenticated users of the Security Console to view and edit any ticket in the legacy ticketing feature, regardless of the assignment of the ticket. | 5.5 |
| 2021-08-11 | CVE-2020-25563 | Missing Authentication for Critical Function vulnerability in Sapphireims 5.0 In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature and not having a JSESSIONID. | 7.5 |
| 2021-08-02 | CVE-2021-37843 | Missing Authentication for Critical Function vulnerability in Atlassian Saml Single Sign ON The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user account when only the username is known (i.e., no other authentication is provided). | 7.5 |
| 2021-07-22 | CVE-2020-7389 | Missing Authentication for Critical Function vulnerability in Sage Syracuse Sage X3 System CHAINE Variable Script Command Injection. | 9.0 |
| 2021-07-21 | CVE-2020-21936 | Missing Authentication for Critical Function vulnerability in Motorola CX2 Firmware 1.0.2 An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication. | 5.0 |
| 2021-07-21 | CVE-2021-22772 | Missing Authentication for Critical Function vulnerability in Schneider-Electric T200E Firmware, T200I Firmware and T200P Firmware A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 ((Modbus) SC2-04MOD-07000100 and earlier), Easergy T200 ((IEC104) SC2-04IEC-07000100 and earlier), and Easergy T200 ((DNP3) SC2-04DNP-07000102 and earlier) that could cause unauthorized operation when authentication is bypassed. | 7.5 |