Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-23545 | Missing Authentication for Critical Function vulnerability in multiple products Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. | 5.3 |
| 2023-05-19 | CVE-2023-2704 | Missing Authentication for Critical Function vulnerability in Vibethemes BP Social Connect The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. | 9.8 |
| 2023-05-18 | CVE-2023-32680 | Missing Authentication for Critical Function vulnerability in Metabase Metabase is an open source business analytics engine. | 9.6 |
| 2023-05-18 | CVE-2023-20003 | Missing Authentication for Critical Function vulnerability in Cisco products A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. | 8.8 |
| 2023-05-12 | CVE-2023-23444 | Missing Authentication for Critical Function vulnerability in Sick products Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets. | 8.2 |
| 2023-05-10 | CVE-2023-22441 | Missing Authentication for Critical Function vulnerability in Seiko-Sol products Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product. | 8.6 |
| 2023-05-10 | CVE-2023-23906 | Missing Authentication for Critical Function vulnerability in Seiko-Sol products Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. | 7.5 |
| 2023-05-09 | CVE-2023-31143 | Missing Authentication for Critical Function vulnerability in Mage Mage-Ai mage-ai is an open-source data pipeline tool for transforming and integrating data. | 9.8 |
| 2023-05-09 | CVE-2023-30744 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Application Server for Java 7.50 In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50, an unauthenticated attacker can attach to an open interface and make use of an open naming and directory API to instantiate an object which has methods which can be called without further authorization and authentication. | 9.1 |
| 2023-05-04 | CVE-2023-20126 | Missing Authentication for Critical Function vulnerability in Cisco Spa112 Firmware 1.4.1 A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 9.8 |