Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-11 | CVE-2021-43974 | Missing Authentication for Critical Function vulnerability in Sysaid Itil 20.4.74 An issue was discovered in SysAid ITIL 20.4.74 b10. | 5.3 |
| 2022-01-04 | CVE-2021-43832 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Spinnaker Spinnaker is an open source, multi-cloud continuous delivery platform. | 9.8 |
| 2022-01-01 | CVE-2021-43333 | Missing Authentication for Critical Function vulnerability in Datalogic DXU The Datalogic DXU service on (for example) DL-Axist devices does not require authentication for configuration changes or disclosure of configuration settings. | 6.5 |
| 2021-12-30 | CVE-2021-20150 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. | 5.3 |
| 2021-12-30 | CVE-2021-20152 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. | 6.5 |
| 2021-12-30 | CVE-2021-20158 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. | 9.8 |
| 2021-12-30 | CVE-2021-20161 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. | 6.8 |
| 2021-12-27 | CVE-2021-45232 | Missing Authentication for Critical Function vulnerability in Apache Apisix Dashboard In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication. | 9.8 |
| 2021-12-15 | CVE-2021-36888 | Missing Authentication for Critical Function vulnerability in Blocksera Image Hover Effects Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate (versions <= 9.6.1) WordPress plugin. | 9.8 |
| 2021-12-13 | CVE-2021-22279 | Missing Authentication for Critical Function vulnerability in ABB Omnicore C30 Firmware A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port. | 9.8 |