Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2024-05-03 CVE-2023-41186 Missing Authentication for Critical Function vulnerability in Dlink Dap-1325 Firmware 1.07B01
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability.
low complexity
dlink CWE-306
6.5
2024-05-03 CVE-2023-41187 Missing Authentication for Critical Function vulnerability in Dlink Dap-1325 Firmware 1.07B01
D-Link DAP-1325 HNAP Missing Authentication Remote Code Execution Vulnerability.
low complexity
dlink CWE-306
8.8
2024-05-03 CVE-2023-27357 Missing Authentication for Critical Function vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability.
low complexity
netgear CWE-306
6.5
2024-05-03 CVE-2023-38123 Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability.
network
low complexity
inductiveautomation CWE-306
8.8
2024-04-25 CVE-2023-51478 Missing Authentication for Critical Function vulnerability in Buildapp Build APP Online
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
network
low complexity
buildapp CWE-306
critical
9.8
2024-04-12 CVE-2024-30391 Missing Authentication for Critical Function vulnerability in Juniper Junos
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a device is configured with IPsec authentication algorithm hmac-sha-384 or hmac-sha-512, tunnels are established normally but for traffic traversing the tunnel no authentication information is sent with the encrypted data on egress, and no authentication information is expected on ingress.
network
high complexity
juniper CWE-306
4.8
2024-03-20 CVE-2024-28179 Missing Authentication for Critical Function vulnerability in Jupyter Server Proxy
Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jupyter notebook servers and provides authenticated web access.
network
low complexity
jupyter CWE-306
critical
9.8
2024-03-15 CVE-2024-2450 Missing Authentication for Critical Function vulnerability in Mattermost Server
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to correctly verify account ownership when switching from email to SAML authentication, allowing an authenticated attacker to take over other user accounts via a crafted switch request under specific conditions.
network
low complexity
mattermost CWE-306
8.8
2024-02-18 CVE-2022-48621 Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality.
network
low complexity
huawei CWE-306
7.5
2024-02-14 CVE-2024-25618 Missing Authentication for Critical Function vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub.
network
high complexity
joinmastodon CWE-306
7.4