Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-16 | CVE-2022-43999 | Missing Authentication for Critical Function vulnerability in Backclick 5.9.63 An issue was discovered in BACKCLICK Professional 5.9.63. | 9.8 |
| 2022-11-16 | CVE-2022-4018 | Missing Authentication for Critical Function vulnerability in Ikus-Soft Rdiffweb Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. | 4.3 |
| 2022-11-09 | CVE-2021-46852 | Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos The memory management module has the logic bypass vulnerability. | 7.5 |
| 2022-11-08 | CVE-2022-30515 | Missing Authentication for Critical Function vulnerability in Zkteco Biotime 8.5.4/8.5.5 ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration. | 5.3 |
| 2022-11-03 | CVE-2022-38168 | Missing Authentication for Critical Function vulnerability in Avaya products Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification. | 9.1 |
| 2022-11-03 | CVE-2022-3675 | Missing Authentication for Critical Function vulnerability in Redhat Fedora Coreos 36.20220820.3.0 Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. | 5.5 |
| 2022-11-02 | CVE-2022-42473 | Missing Authentication for Critical Function vulnerability in Fortinet Fortisoar A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4.4 and 7.0.0 - 7.0.3 and 7.2.0 allows an attacker to disclose information via logging into the database using a privileged account without a password. | 5.5 |
| 2022-11-01 | CVE-2022-27582 | Missing Authentication for Critical Function vulnerability in Sick products Password recovery vulnerability in SICK SIM4000 (PPC) Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-11-01 | CVE-2022-27584 | Missing Authentication for Critical Function vulnerability in Sick Sim2000St Firmware Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-11-01 | CVE-2022-27585 | Missing Authentication for Critical Function vulnerability in Sick Sim1000 FX Firmware Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version <1.6.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |