Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-19	CVE-2023-51947	Missing Authentication for Critical Function vulnerability in Actidata Actinas SL 2U-8 RDX Firmware 3.2.03 Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication. network low complexity actidata CWE-306 critical	9.1
2024-01-15	CVE-2023-5253	Missing Authentication for Critical Function vulnerability in Nozominetworks CMC and Guardian A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information. network low complexity nozominetworks CWE-306	7.5
2024-01-13	CVE-2023-51062	Missing Authentication for Critical Function vulnerability in Qstar Archive Storage Manager 30 An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command. network low complexity qstar CWE-306	5.3
2024-01-12	CVE-2023-31033	Missing Authentication for Critical Function vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . low complexity nvidia CWE-306	8.0
2024-01-12	CVE-2023-49255	Missing Authentication for Critical Function vulnerability in Hongdian H8951-4G-Esp Firmware The router console is accessible without authentication at "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. network low complexity hongdian CWE-306 critical	9.8
2024-01-11	CVE-2023-51987	Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2 D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. network low complexity dlink CWE-306 critical	9.8
2024-01-10	CVE-2022-45794	Missing Authentication for Critical Function vulnerability in Omron products An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card. network low complexity omron CWE-306	7.5
2024-01-10	CVE-2023-40393	Missing Authentication for Critical Function vulnerability in Apple Macos An authentication issue was addressed with improved state management. network low complexity apple CWE-306	7.5
2024-01-03	CVE-2023-5881	Missing Authentication for Critical Function vulnerability in Geniecompany Aladdin Connect Garage Door Opener Firmware Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID settings. network low complexity geniecompany CWE-306	8.2
2023-12-21	CVE-2023-29485	Missing Authentication for Critical Function vulnerability in Heimdalsecurity Thor An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. network low complexity heimdalsecurity CWE-306 critical	9.8