Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-27357 | Missing Authentication for Critical Function vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. | 6.5 |
| 2024-05-03 | CVE-2023-38123 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability. | 8.8 |
| 2024-04-25 | CVE-2023-51478 | Missing Authentication for Critical Function vulnerability in Buildapp Build APP Online Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. | 9.8 |
| 2024-04-12 | CVE-2024-30391 | Missing Authentication for Critical Function vulnerability in Juniper Junos A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a device is configured with IPsec authentication algorithm hmac-sha-384 or hmac-sha-512, tunnels are established normally but for traffic traversing the tunnel no authentication information is sent with the encrypted data on egress, and no authentication information is expected on ingress. | 4.8 |
| 2024-03-20 | CVE-2024-28179 | Missing Authentication for Critical Function vulnerability in Jupyter Server Proxy Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jupyter notebook servers and provides authenticated web access. | 9.8 |
| 2024-03-15 | CVE-2024-2450 | Missing Authentication for Critical Function vulnerability in Mattermost Server Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to correctly verify account ownership when switching from email to SAML authentication, allowing an authenticated attacker to take over other user accounts via a crafted switch request under specific conditions. | 8.8 |
| 2024-02-18 | CVE-2022-48621 | Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
| 2024-02-14 | CVE-2024-25618 | Missing Authentication for Critical Function vulnerability in Joinmastodon Mastodon Mastodon is a free, open-source social network server based on ActivityPub. | 7.4 |
| 2024-02-14 | CVE-2024-23783 | Missing Authentication for Critical Function vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication. | 8.8 |
| 2024-02-06 | CVE-2023-40545 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingfederate 11.3.0 Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests. | 9.8 |