Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2021-06-30 CVE-2021-20107 Missing Authentication for Critical Function vulnerability in Sloan products
There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS.
low complexity
sloan CWE-306
5.4
5.4
2021-06-29 CVE-2021-35941 Missing Authentication for Critical Function vulnerability in Westerndigital products
Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472.
network
low complexity
westerndigital CWE-306
7.5
7.5
2021-06-24 CVE-2021-33346 Missing Authentication for Critical Function vulnerability in Dlink Dsl-2888A Firmware
There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product.
network
low complexity
dlink CWE-306
critical
 9.8
9.8
2021-06-21 CVE-2020-20472 Missing Authentication for Critical Function vulnerability in White Shark Systems Project White Shark Systems 1.3.2
White Shark System (WSS) 1.3.2 has a sensitive information disclosure vulnerability.
network
low complexity
white-shark-systems-project CWE-306
5.3
5.3
2021-06-09 CVE-2021-23847 Missing Authentication for Critical Function vulnerability in Bosch Cpp6 Firmware, Cpp7.3 Firmware and Cpp7 Firmware
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device.
network
low complexity
bosch CWE-306
critical
 9.1
9.1
2021-06-04 CVE-2021-26928 Missing Authentication for Critical Function vulnerability in NIC Bird
BIRD through 2.0.7 does not provide functionality for password authentication of BGP peers.
network
high complexity
nic CWE-306
6.8
6.8
2021-06-03 CVE-2021-22316 Missing Authentication for Critical Function vulnerability in Huawei Emui and Magic UI
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.
low complexity
huawei CWE-306
6.8
6.8
2021-06-03 CVE-2021-22322 Missing Authentication for Critical Function vulnerability in Huawei Emui and Magic UI
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.
network
low complexity
huawei CWE-306
7.5
7.5
2021-05-26 CVE-2020-25634 Missing Authentication for Critical Function vulnerability in Redhat 3Scale and 3Scale API Management
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials.
network
low complexity
redhat CWE-306
5.4
5.4
2021-05-26 CVE-2021-21986 Missing Authentication for Critical Function vulnerability in VMWare Vcenter Server 6.5/6.7/7.0
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins.
network
low complexity
vmware CWE-306
critical
 9.8
9.8