Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-30 | CVE-2023-40598 | Missing Authentication for Critical Function vulnerability in Splunk In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. | 8.8 |
| 2023-08-15 | CVE-2023-4334 | Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller Web server (nginx) is serving private files without any authentication | 7.5 |
| 2023-08-15 | CVE-2023-4335 | Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux | 7.5 |
| 2023-08-08 | CVE-2023-37373 | Missing Authentication for Critical Function vulnerability in Siemens Ruggedcom Crossbow 5.2/5.3 A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). | 7.5 |
| 2023-07-20 | CVE-2023-38523 | Missing Authentication for Critical Function vulnerability in Samsung products The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. | 5.3 |
| 2023-07-18 | CVE-2023-36669 | Missing Authentication for Critical Function vulnerability in Kratosdefense NGC Indoor Unit Firmware 9.1.0.4 Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. | 9.8 |
| 2023-07-17 | CVE-2023-37265 | Missing Authentication for Critical Function vulnerability in Icewhale Casaos CasaOS is an open-source Personal Cloud system. | 9.8 |
| 2023-07-11 | CVE-2023-35873 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Process Integration 7.50 The Runtime Workbench (RWB) of SAP NetWeaver Process Integration - version SAP_XITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. | 6.5 |
| 2023-07-06 | CVE-2023-30643 | Missing Authentication for Critical Function vulnerability in Samsung Android 11.0/12.0/13.0 Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications. | 7.1 |
| 2023-07-04 | CVE-2023-22906 | Missing Authentication for Critical Function vulnerability in Heroelectronix Qubo Hcd01 Firmware and Qubo Hcd02 Firmware Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default, without a password. | 8.8 |