Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-08 | CVE-2023-37373 | Missing Authentication for Critical Function vulnerability in Siemens Ruggedcom Crossbow 5.2/5.3 A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). | 7.5 |
| 2023-07-20 | CVE-2023-38523 | Missing Authentication for Critical Function vulnerability in Samsung products The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. | 5.3 |
| 2023-07-18 | CVE-2023-36669 | Missing Authentication for Critical Function vulnerability in Kratosdefense NGC Indoor Unit Firmware 9.1.0.4 Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. | 9.8 |
| 2023-07-17 | CVE-2023-37265 | Missing Authentication for Critical Function vulnerability in Icewhale Casaos CasaOS is an open-source Personal Cloud system. | 9.8 |
| 2023-07-11 | CVE-2023-35873 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Process Integration 7.50 The Runtime Workbench (RWB) of SAP NetWeaver Process Integration - version SAP_XITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. | 6.5 |
| 2023-07-06 | CVE-2023-30643 | Missing Authentication for Critical Function vulnerability in Samsung Android 11.0/12.0/13.0 Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications. | 7.1 |
| 2023-07-04 | CVE-2023-22906 | Missing Authentication for Critical Function vulnerability in Heroelectronix Qubo Hcd01 Firmware and Qubo Hcd02 Firmware Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default, without a password. | 8.8 |
| 2023-06-30 | CVE-2023-36347 | Missing Authentication for Critical Function vulnerability in Codekop 2.0 A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data. | 7.5 |
| 2023-06-20 | CVE-2023-35854 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator. | 9.8 |
| 2023-06-19 | CVE-2023-31411 | Missing Authentication for Critical Function vulnerability in Sick Eventcam APP A remote unprivileged attacker can modify and access configuration settings on the EventCam App due to the absence of API authentication. | 9.8 |