Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-21	CVE-2021-37420	Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Admanager Plus 6.1 Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoofing. network zohocorp CWE-306	4.3
2021-09-17	CVE-2021-38412	Missing Authentication for Critical Function vulnerability in Digi Portserver TS 16 Firmware 82000684/82000685 Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. network low complexity digi CWE-306 critical	9.8
2021-09-14	CVE-2019-10941	Missing Authentication for Critical Function vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). network low complexity siemens CWE-306	5.0
2021-09-13	CVE-2021-33543	Missing Authentication for Critical Function vulnerability in Geutebrueck products Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. network low complexity geutebrueck CWE-306 critical	9.8
2021-09-09	CVE-2021-28913	Missing Authentication for Critical Function vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. network low complexity bab-technologie CWE-306 critical	10.0
2021-09-09	CVE-2021-38540	Missing Authentication for Critical Function vulnerability in Apache Airflow The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. network low complexity apache CWE-306 critical	9.8
2021-09-07	CVE-2021-32800	Missing Authentication for Critical Function vulnerability in Nextcloud Server Nextcloud server is an open source, self hosted personal cloud. network low complexity nextcloud CWE-306	6.4
2021-09-01	CVE-2021-37415	Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Servicedesk Plus Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication. network low complexity zohocorp CWE-306 critical	9.8
2021-08-31	CVE-2021-27668	Missing Authentication for Critical Function vulnerability in Hashicorp Vault HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR secondaries without authentication. network low complexity hashicorp CWE-306	5.0
2021-08-25	CVE-2021-33882	Missing Authentication for Critical Function vulnerability in Bbraun Spacecom2 A Missing Authentication for Critical Function vulnerability in B. network low complexity bbraun CWE-306	5.0