Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2024-22449 Missing Authentication for Critical Function vulnerability in Dell Powerscale Onefs
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability.
local
low complexity
dell CWE-306
7.8
7.8
2024-01-26 CVE-2024-23618 Missing Authentication for Critical Function vulnerability in Commscope Arris Surfboard Sbg6950Ac2 Firmware
An arbitrary code execution vulnerability exists in Arris SURFboard SGB6950AC2 devices.
network
low complexity
commscope CWE-306
critical
 9.8
9.8
2024-01-19 CVE-2023-51947 Missing Authentication for Critical Function vulnerability in Actidata Actinas SL 2U-8 RDX Firmware 3.2.03
Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication.
network
low complexity
actidata CWE-306
critical
 9.1
9.1
2024-01-15 CVE-2023-5253 Missing Authentication for Critical Function vulnerability in Nozominetworks CMC and Guardian
A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information.
network
low complexity
nozominetworks CWE-306
7.5
7.5
2024-01-13 CVE-2023-51062 Missing Authentication for Critical Function vulnerability in Qstar Archive Storage Manager 30
An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command.
network
low complexity
qstar CWE-306
5.3
5.3
2024-01-12 CVE-2023-31033 Missing Authentication for Critical Function vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network .
low complexity
nvidia CWE-306
8.0
8.0
2024-01-12 CVE-2023-49255 Missing Authentication for Critical Function vulnerability in Hongdian H8951-4G-Esp Firmware
The router console is accessible without authentication at "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared.
network
low complexity
hongdian CWE-306
critical
 9.8
9.8
2024-01-11 CVE-2023-51987 Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2
D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords.
network
low complexity
dlink CWE-306
critical
 9.8
9.8
2024-01-10 CVE-2022-45794 Missing Authentication for Critical Function vulnerability in Omron products
An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card.
network
low complexity
omron CWE-306
7.5
7.5
2024-01-10 CVE-2023-40393 Missing Authentication for Critical Function vulnerability in Apple Macos
An authentication issue was addressed with improved state management.
network
low complexity
apple CWE-306
7.5
7.5