Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-19 | CVE-2020-23648 | Missing Authentication for Critical Function vulnerability in Asus Rt-N12E Firmware 2.0.0.39 Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. | 7.5 |
| 2022-10-18 | CVE-2022-21587 | Missing Authentication for Critical Function vulnerability in Oracle E-Business Suite Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). | 9.8 |
| 2022-10-13 | CVE-2022-35136 | Missing Authentication for Critical Function vulnerability in Boodskap IOT Platform 4.4.902 Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests. | 6.5 |
| 2022-10-10 | CVE-2022-20830 | Missing Authentication for Critical Function vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. | 5.3 |
| 2022-10-03 | CVE-2022-38817 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Dapr Dashboard Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access Control that allows attackers to obtain sensitive data. | 7.5 |
| 2022-09-28 | CVE-2022-22526 | Missing Authentication for Critical Function vulnerability in Gavazziautomation products In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API. | 9.8 |
| 2022-09-13 | CVE-2022-36780 | Missing Authentication for Critical Function vulnerability in Avdorcis Crystal Quality Avdor CIS - crystal quality Credentials Management Errors. | 5.3 |
| 2022-09-12 | CVE-2022-35572 | Missing Authentication for Critical Function vulnerability in Linksys E5350 Firmware 1.0.00.037 On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vendors/devices due to code reuse), the /SysInfo.htm URI does not require a session ID. | 7.5 |
| 2022-09-09 | CVE-2022-26394 | Missing Authentication for Critical Function vulnerability in Baxter products The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. | 5.4 |
| 2022-09-06 | CVE-2022-1368 | Missing Authentication for Critical Function vulnerability in Cognex 3D-A1000 Dimensioning System Firmware 1.0.3(3354) The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-306: Missing Authentication for Critical Function, which allows unauthorized users to change the operator account password via webserver commands by monitoring web socket communications from an unauthenticated session. | 9.8 |