Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-22 | CVE-2023-3104 | Missing Authentication for Critical Function vulnerability in Unitree A1 Firmware Lack of authentication vulnerability. | 7.5 |
| 2023-11-21 | CVE-2023-42770 | Missing Authentication for Critical Function vulnerability in Redlioncontrols products Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. | 9.8 |
| 2023-11-16 | CVE-2023-47674 | Missing Authentication for Critical Function vulnerability in C-First products Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. | 9.8 |
| 2023-11-14 | CVE-2023-34060 | Missing Authentication for Critical Function vulnerability in VMWare Cloud Director 10.4.0 VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . | 9.8 |
| 2023-11-14 | CVE-2023-46096 | Missing Authentication for Critical Function vulnerability in Siemens Simatic PCS NEO 3.0/3.1/4.0 A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). | 6.5 |
| 2023-11-08 | CVE-2023-45140 | Missing Authentication for Critical Function vulnerability in OVH The-Bastion The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. | 4.6 |
| 2023-11-07 | CVE-2023-46819 | Missing Authentication for Critical Function vulnerability in Apache Ofbiz Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin. This issue affects Apache OFBiz: before 18.12.09. Users are recommended to upgrade to version 18.12.09 | 5.3 |
| 2023-11-06 | CVE-2023-4699 | Missing Authentication for Critical Function vulnerability in Mitsubishielectric products Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC M800V/M80V series, Mitsubishi Electric CNC M800/M80/E80 series and Mitsubishi Electric CNC M700V/M70V/E70 series allows a remote unauthenticated attacker to execute arbitrary commands by sending specific packets to the affected products. | 9.1 |
| 2023-11-04 | CVE-2023-46381 | Missing Authentication for Critical Function vulnerability in Loytec products LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. | 8.2 |
| 2023-11-03 | CVE-2022-43554 | Missing Authentication for Critical Function vulnerability in Ivanti Avalanche Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability | 7.8 |