Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-19 | CVE-2023-42793 | Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | 9.8 |
| 2023-08-31 | CVE-2023-34392 | Missing Authentication for Critical Function vulnerability in Selinc Sel-5037 SEL Grid Configurator A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | 8.8 |
| 2023-08-30 | CVE-2023-40598 | Missing Authentication for Critical Function vulnerability in Splunk In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. | 8.8 |
| 2023-08-15 | CVE-2023-4334 | Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller Web server (nginx) is serving private files without any authentication | 7.5 |
| 2023-08-15 | CVE-2023-4335 | Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux | 7.5 |
| 2023-08-08 | CVE-2023-37373 | Missing Authentication for Critical Function vulnerability in Siemens Ruggedcom Crossbow 5.2/5.3 A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). | 7.5 |
| 2023-07-20 | CVE-2023-38523 | Missing Authentication for Critical Function vulnerability in Samsung products The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. | 5.3 |
| 2023-07-18 | CVE-2023-36669 | Missing Authentication for Critical Function vulnerability in Kratosdefense NGC Indoor Unit Firmware 9.1.0.4 Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. | 9.8 |
| 2023-07-11 | CVE-2023-35873 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Process Integration 7.50 The Runtime Workbench (RWB) of SAP NetWeaver Process Integration - version SAP_XITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. | 6.5 |
| 2023-07-06 | CVE-2023-30643 | Missing Authentication for Critical Function vulnerability in Samsung Android 11.0/12.0/13.0 Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications. | 7.1 |