Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-10 | CVE-2022-20830 | Missing Authentication for Critical Function vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. | 5.3 |
| 2022-10-03 | CVE-2022-38817 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Dapr Dashboard Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access Control that allows attackers to obtain sensitive data. | 7.5 |
| 2022-09-13 | CVE-2022-36780 | Missing Authentication for Critical Function vulnerability in Avdorcis Crystal Quality Avdor CIS - crystal quality Credentials Management Errors. | 5.3 |
| 2022-09-12 | CVE-2022-35572 | Missing Authentication for Critical Function vulnerability in Linksys E5350 Firmware 1.0.00.037 On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vendors/devices due to code reuse), the /SysInfo.htm URI does not require a session ID. | 7.5 |
| 2022-09-09 | CVE-2022-26394 | Missing Authentication for Critical Function vulnerability in Baxter products The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. | 5.4 |
| 2022-09-02 | CVE-2022-31176 | Missing Authentication for Critical Function vulnerability in Grafana Grafana-Image-Renderer Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser (Chromium/Chrome). | 8.1 |
| 2022-09-01 | CVE-2022-36604 | Missing Authentication for Critical Function vulnerability in Canaan Avalon Asic Miner Firmware 2020.3.30 An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request. | 7.5 |
| 2022-08-31 | CVE-2022-36619 | Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 In D-link DIR-816 A2_v1.10CNB04.img,the network can be reset without authentication via /goform/setMAC. | 7.5 |
| 2022-08-31 | CVE-2022-30317 | Missing Authentication for Critical Function vulnerability in Honeywell Experion LX Firmware Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. | 9.1 |
| 2022-08-29 | CVE-2022-37680 | Missing Authentication for Critical Function vulnerability in Hitachi Hc-Ip9100Hd Firmware 1.07 An improper authentication for critical function issue in Hitachi Kokusai Electric Network products for monitoring system (Camera, Decoder and Encoder) and bellow allows attckers to remotely reboot the device via a crafted POST request to the endpoint /ptipupgrade.cgi. | 7.5 |