Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2024-09-13 CVE-2024-6582 Missing Authentication for Critical Function vulnerability in Lunary
A broken access control vulnerability exists in the latest version of lunary-ai/lunary.
network
low complexity
lunary CWE-306
4.3
2024-09-11 CVE-2024-8277 Missing Authentication for Critical Function vulnerability in Villatheme Woocommerce Photo Reviews
The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2.
network
low complexity
villatheme CWE-306
critical
9.8
2024-09-10 CVE-2024-8012 Missing Authentication for Critical Function vulnerability in Ivanti Workspace Control
An authentication bypass weakness in the message broker service of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges.
local
low complexity
ivanti CWE-306
7.8
2024-09-10 CVE-2024-8320 Missing Authentication for Critical Function vulnerability in Ivanti Endpoint Manager
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices.
network
low complexity
ivanti CWE-306
5.3
2024-09-10 CVE-2024-8321 Missing Authentication for Critical Function vulnerability in Ivanti Endpoint Manager
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network.
network
low complexity
ivanti CWE-306
8.6
2024-09-10 CVE-2024-37991 Missing Authentication for Critical Function vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2).
network
low complexity
siemens CWE-306
6.5
2024-08-30 CVE-2024-39300 Missing Authentication for Critical Function vulnerability in Elecom Wab-I1750-Ps Firmware
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier.
network
high complexity
elecom CWE-306
3.7
2024-08-27 CVE-2024-7940 Missing Authentication for Critical Function vulnerability in Hitachienergy Microscada X Sys600
The product exposes a service that is intended for local only to all network interfaces without any authentication.
network
low complexity
hitachienergy CWE-306
critical
9.8
2024-08-22 CVE-2024-35151 Missing Authentication for Critical Function vulnerability in IBM Openpages GRC Platform and Openpages With Watson
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs.
network
low complexity
ibm CWE-306
6.5
2024-08-13 CVE-2024-35124 Missing Authentication for Critical Function vulnerability in IBM Openbmc
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC.
network
high complexity
ibm CWE-306
7.5