Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2023-05-25 CVE-2023-31594 Missing Authentication for Critical Function vulnerability in IC Realtime Icip-P2012T Firmware 2.420
IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP channel using VLC network.
network
low complexity
ic CWE-306
7.5
7.5
2023-05-23 CVE-2023-1837 Missing Authentication for Critical Function vulnerability in Hypr Server
Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs)
network
low complexity
hypr CWE-306
8.8
8.8
2023-05-23 CVE-2023-23545 Missing Authentication for Critical Function vulnerability in multiple products
Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP.
network
low complexity
tandd especmic CWE-306
5.3
5.3
2023-05-19 CVE-2023-2704 Missing Authentication for Critical Function vulnerability in Vibethemes BP Social Connect
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5.
network
low complexity
vibethemes CWE-306
critical
 9.8
9.8
2023-05-18 CVE-2023-20003 Missing Authentication for Critical Function vulnerability in Cisco products
A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication.
low complexity
cisco CWE-306
8.8
8.8
2023-05-12 CVE-2023-23444 Missing Authentication for Critical Function vulnerability in Sick products
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.
network
low complexity
sick CWE-306
8.2
8.2
2023-05-10 CVE-2023-22441 Missing Authentication for Critical Function vulnerability in Seiko-Sol products
Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product.
network
low complexity
seiko-sol CWE-306
8.6
8.6
2023-05-10 CVE-2023-23906 Missing Authentication for Critical Function vulnerability in Seiko-Sol products
Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver.
network
low complexity
seiko-sol CWE-306
7.5
7.5
2023-05-04 CVE-2023-20126 Missing Authentication for Critical Function vulnerability in Cisco Spa112 Firmware 1.4.1
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.
network
low complexity
cisco CWE-306
critical
 9.8
9.8
2023-04-25 CVE-2022-40725 Missing Authentication for Critical Function vulnerability in Pingidentity Desktop
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated.
local
low complexity
pingidentity CWE-306
6.1
6.1