Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-28771 | Missing Authentication for Critical Function vulnerability in SAP Business ONE License Service API 10.0 Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. | 7.5 |
| 2022-07-12 | CVE-2021-44222 | Missing Authentication for Critical Function vulnerability in Siemens Simatic Easie Core Package A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). | 9.1 |
| 2022-07-12 | CVE-2022-33138 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). | 7.5 |
| 2022-06-30 | CVE-2022-23719 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingid Integration for Windows Login PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. | 6.4 |
| 2022-06-29 | CVE-2022-29270 | Missing Authentication for Critical Function vulnerability in Nagios XI In Nagios XI through 5.8.5, it is possible for a user without password verification to change his e-mail address. | 4.3 |
| 2022-06-29 | CVE-2022-31266 | Missing Authentication for Critical Function vulnerability in Ilias In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts. | 4.3 |
| 2022-06-22 | CVE-2022-21952 | Missing Authentication for Critical Function vulnerability in Suse Manager Server A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. | 7.5 |
| 2022-06-16 | CVE-2022-24562 | Missing Authentication for Critical Function vulnerability in Iobit Iotransfer 4.3.1.1561 In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution. | 9.8 |
| 2022-06-15 | CVE-2021-41418 | Missing Authentication for Critical Function vulnerability in Ariang Project Ariang AriaNg v0.1.0~v1.2.2 is affected by an incorrect access control vulnerability through not authenticating visitors' access rights. | 9.8 |
| 2022-06-15 | CVE-2022-32157 | Missing Authentication for Critical Function vulnerability in Splunk Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. | 7.5 |