Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-28	CVE-2022-24935	Missing Authentication for Critical Function vulnerability in Lexmark Firmware Lexmark products through 2022-02-10 have Incorrect Access Control. network low complexity lexmark CWE-306	7.5
2022-04-28	CVE-2022-28719	Missing Authentication for Critical Function vulnerability in Hammock Assetview 9.2 Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients to execute arbitrary code with the administrative privilege. network low complexity hammock CWE-306 critical	9.8
2022-04-27	CVE-2022-27332	Missing Authentication for Critical Function vulnerability in Zammad An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. network low complexity zammad CWE-306 critical	9.1
2022-04-19	CVE-2022-0992	Missing Authentication for Critical Function vulnerability in Siteground Security Optimizer The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on initial 2FA set-up that allows unauthenticated and unauthorized users to configure 2FA for pending accounts. network low complexity siteground CWE-306 critical	9.8
2022-04-19	CVE-2022-0993	Missing Authentication for Critical Function vulnerability in Siteground Security The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. network low complexity siteground CWE-306 critical	9.8
2022-04-12	CVE-2022-0140	Missing Authentication for Critical Function vulnerability in Vfbpro Visual Form Builder The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint. network low complexity vfbpro CWE-306	5.3
2022-04-12	CVE-2022-0878	Missing Authentication for Critical Function vulnerability in Combined Charging System Project Combined Charging System Firmware Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. low complexity combined-charging-system-project CWE-306	6.5
2022-04-08	CVE-2022-24820	Missing Authentication for Critical Function vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. network low complexity xwiki CWE-306	5.3
2022-04-08	CVE-2021-43483	Missing Authentication for Critical Function vulnerability in Claro Kaon Cg3000 Firmware 1.00.67 An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication. low complexity claro CWE-306	8.0
2022-04-07	CVE-2020-27376	Missing Authentication for Critical Function vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1 Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication. low complexity drtrustusa CWE-306	8.8