Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-24 | CVE-2024-7079 | Missing Authentication for Critical Function vulnerability in Redhat Openshift Container Platform 3.11/4.0 A flaw was found in the Openshift console. | 6.5 |
2024-07-10 | CVE-2024-6422 | An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data. | 9.8 |
2024-03-12 | CVE-2024-25995 | An unauthenticated remote attacker can modify configurations to perform a remote code execution due to a missing authentication for a critical function. | 9.8 |
2024-02-06 | CVE-2023-40545 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingfederate 11.3.0 Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests. | 9.8 |
2024-02-06 | CVE-2024-23917 | Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | 9.8 |
2024-02-01 | CVE-2023-49115 | Missing Authentication for Critical Function vulnerability in Machinesense Feverwarn Firmware MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users. | 7.5 |
2024-02-01 | CVE-2023-49617 | Missing Authentication for Critical Function vulnerability in Machinesense Feverwarn Firmware The MachineSense application programmable interface (API) is improperly protected and can be accessed without authentication. | 9.1 |
2024-02-01 | CVE-2023-6221 | Missing Authentication for Critical Function vulnerability in Machinesense Feverwarn Firmware The cloud provider MachineSense uses for integration and deployment for multiple MachineSense devices, such as the programmable logic controller (PLC), PumpSense, PowerAnalyzer, FeverWarn, and others is insufficiently protected against unauthorized access. | 6.5 |
2024-02-01 | CVE-2024-22449 | Missing Authentication for Critical Function vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. | 7.8 |
2024-01-30 | CVE-2023-6942 | Missing Authentication for Critical Function vulnerability in Mitsubishielectric products Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally. | 7.5 |