Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-28 | CVE-2023-29061 | Missing Authentication for Critical Function vulnerability in BD Facschorus There is no BIOS password on the FACSChorus workstation. | 5.2 |
| 2023-11-28 | CVE-2023-29063 | Missing Authentication for Critical Function vulnerability in BD Facschorus The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. | 2.4 |
| 2023-11-28 | CVE-2023-29060 | Missing Authentication for Critical Function vulnerability in BD Facschorus The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. | 5.7 |
| 2023-11-22 | CVE-2023-3104 | Missing Authentication for Critical Function vulnerability in Unitree A1 Firmware Lack of authentication vulnerability. | 7.5 |
| 2023-11-21 | CVE-2023-42770 | Missing Authentication for Critical Function vulnerability in Redlioncontrols products Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. | 9.8 |
| 2023-11-16 | CVE-2023-47674 | Missing Authentication for Critical Function vulnerability in C-First products Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. | 9.8 |
| 2023-11-14 | CVE-2023-34060 | Missing Authentication for Critical Function vulnerability in VMWare Cloud Director 10.4.0 VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . | 9.8 |
| 2023-11-06 | CVE-2023-4699 | Missing Authentication for Critical Function vulnerability in Mitsubishielectric products Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC M800V/M80V series, Mitsubishi Electric CNC M800/M80/E80 series and Mitsubishi Electric CNC M700V/M70V/E70 series allows a remote unauthenticated attacker to execute arbitrary commands by sending specific packets to the affected products. | 9.1 |
| 2023-11-04 | CVE-2023-46381 | Missing Authentication for Critical Function vulnerability in Loytec products LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. | 8.2 |
| 2023-11-03 | CVE-2022-43554 | Missing Authentication for Critical Function vulnerability in Ivanti Avalanche Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability | 7.8 |