Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2023-02-09 CVE-2022-48288 Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos
The bundle management module lacks authentication and control mechanisms in some APIs.
network
low complexity
huawei CWE-306
7.5
7.5
2023-02-09 CVE-2022-48289 Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos
The bundle management module lacks authentication and control mechanisms in some APIs.
network
low complexity
huawei CWE-306
7.5
7.5
2023-02-09 CVE-2022-48299 Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos
The WMS module lacks the authentication mechanism in some APIs.
network
low complexity
huawei CWE-306
7.5
7.5
2023-02-09 CVE-2022-48300 Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos
The WMS module lacks the authentication mechanism in some APIs.
network
low complexity
huawei CWE-306
7.5
7.5
2023-02-08 CVE-2022-43761 Missing Authentication for Critical Function vulnerability in Br-Automation Industrial Automation Aprol
Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07 allows reading and changing the system configuration. 
network
low complexity
br-automation CWE-306
7.5
7.5
2023-02-08 CVE-2022-45190 Missing Authentication for Critical Function vulnerability in Microchip Rn4870 Firmware 1.43
An issue was discovered on Microchip RN4870 1.43 devices.
high complexity
microchip CWE-306
5.3
5.3
2023-02-07 CVE-2022-24990 Missing Authentication for Critical Function vulnerability in Terra-Master Terramaster Operating System
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response.
network
low complexity
terra-master CWE-306
7.5
7.5
2023-02-03 CVE-2021-37234 Missing Authentication for Critical Function vulnerability in Modern Honey Network Project Modern Honey Network 20201123
Incorrect Access Control vulnerability in Modern Honey Network commit 0abf0db9cd893c6d5c727d036e1f817c02de4c7b allows remote attackers to view sensitive information via crafted PUT request to Web API.
network
low complexity
modern-honey-network-project CWE-306
6.5
6.5
2023-02-02 CVE-2023-25013 Missing Authentication for Critical Function vulnerability in In2Code Femanager
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3.
network
low complexity
in2code CWE-306
7.5
7.5
2023-02-02 CVE-2023-25014 Missing Authentication for Critical Function vulnerability in In2Code Femanager
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3.
network
low complexity
in2code CWE-306
7.5
7.5