Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-21 | CVE-2022-34767 | Missing Authentication for Critical Function vulnerability in Allnet All-Wr0500Ac Firmware Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. | 9.8 |
| 2022-07-21 | CVE-2022-20857 | Missing Authentication for Critical Function vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. | 9.8 |
| 2022-07-21 | CVE-2022-20858 | Missing Authentication for Critical Function vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. | 9.8 |
| 2022-07-20 | CVE-2022-2141 | Missing Authentication for Critical Function vulnerability in Micodus Mv720 Firmware SMS-based GPS commands can be executed by MiCODUS MV720 GPS tracker without authentication. | 9.8 |
| 2022-07-17 | CVE-2022-28809 | Missing Authentication for Critical Function vulnerability in Opendesign Drawings SDK An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. | 7.8 |
| 2022-07-17 | CVE-2022-31260 | Missing Authentication for Critical Function vulnerability in Montala Resourcespace In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value. | 6.5 |
| 2022-07-16 | CVE-2021-34538 | Missing Authentication for Critical Function vulnerability in Apache Hive Apache Hive before 3.1.3 "CREATE" and "DROP" function operations does not check for necessary authorization of involved entities in the query. | 7.5 |
| 2022-07-12 | CVE-2021-44222 | Missing Authentication for Critical Function vulnerability in Siemens Simatic Easie Core Package A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). | 9.1 |
| 2022-07-12 | CVE-2022-33138 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). | 7.5 |
| 2022-06-30 | CVE-2022-23719 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingid Integration for Windows Login PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. | 6.4 |