Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2024-05-03 CVE-2023-27357 Missing Authentication for Critical Function vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability.
low complexity
netgear CWE-306
6.5
2024-05-03 CVE-2023-38123 Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability.
network
low complexity
inductiveautomation CWE-306
8.8
2024-04-25 CVE-2023-51478 Missing Authentication for Critical Function vulnerability in Buildapp Build APP Online
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
network
low complexity
buildapp CWE-306
critical
9.8
2024-04-12 CVE-2024-30391 Missing Authentication for Critical Function vulnerability in Juniper Junos
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a device is configured with IPsec authentication algorithm hmac-sha-384 or hmac-sha-512, tunnels are established normally but for traffic traversing the tunnel no authentication information is sent with the encrypted data on egress, and no authentication information is expected on ingress.
network
high complexity
juniper CWE-306
4.8
2024-03-20 CVE-2024-28179 Missing Authentication for Critical Function vulnerability in Jupyter Server Proxy
Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jupyter notebook servers and provides authenticated web access.
network
low complexity
jupyter CWE-306
critical
9.8
2024-03-15 CVE-2024-2450 Missing Authentication for Critical Function vulnerability in Mattermost Server
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to correctly verify account ownership when switching from email to SAML authentication, allowing an authenticated attacker to take over other user accounts via a crafted switch request under specific conditions.
network
low complexity
mattermost CWE-306
8.8
2024-02-18 CVE-2022-48621 Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality.
network
low complexity
huawei CWE-306
7.5
2024-02-14 CVE-2024-25618 Missing Authentication for Critical Function vulnerability in Joinmastodon Mastodon
Mastodon is a free, open-source social network server based on ActivityPub.
network
high complexity
joinmastodon CWE-306
7.4
2024-02-14 CVE-2024-23783 Missing Authentication for Critical Function vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware
Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication.
low complexity
sharp CWE-306
8.8
2024-02-06 CVE-2023-40545 Missing Authentication for Critical Function vulnerability in Pingidentity Pingfederate 11.3.0
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.
network
low complexity
pingidentity CWE-306
critical
9.8