Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2022-06-15 CVE-2022-32157 Missing Authentication for Critical Function vulnerability in Splunk
Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles.
network
low complexity
splunk CWE-306
5.0
2022-06-14 CVE-2022-30230 Missing Authentication for Critical Function vulnerability in Siemens Sicam Gridedge Essential
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6).
network
low complexity
siemens CWE-306
7.5
2022-06-14 CVE-2022-32251 Missing Authentication for Critical Function vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1).
network
low complexity
siemens CWE-306
7.5
2022-06-09 CVE-2022-29226 Missing Authentication for Critical Function vulnerability in Envoyproxy Envoy
Envoy is a cloud-native high-performance proxy.
network
low complexity
envoyproxy CWE-306
6.4
2022-05-25 CVE-2022-26026 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
5.0
2022-05-25 CVE-2022-26043 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
5.0
2022-05-25 CVE-2022-26067 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
5.0
2022-05-25 CVE-2022-26082 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
7.5
2022-05-25 CVE-2022-26303 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
5.0
2022-05-25 CVE-2022-26833 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121.
network
low complexity
openautomationsoftware CWE-306
7.5