Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2021-05-03 CVE-2020-35755 Missing Authentication for Critical Function vulnerability in Librewireless LS9 Firmware 7040
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices.
network
low complexity
librewireless CWE-306
7.5
7.5
2021-05-03 CVE-2020-35758 Missing Authentication for Critical Function vulnerability in Librewireless LS9 Firmware 7040
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices.
network
low complexity
librewireless CWE-306
critical
 9.8
9.8
2021-05-03 CVE-2020-35757 Missing Authentication for Critical Function vulnerability in Librewireless LS9 Firmware 7040
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices.
network
low complexity
librewireless CWE-306
critical
 9.8
9.8
2021-05-03 CVE-2020-35756 Missing Authentication for Critical Function vulnerability in Librewireless LS9 Firmware 7040
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices.
network
low complexity
librewireless CWE-306
7.5
7.5
2021-04-30 CVE-2021-21535 Missing Authentication for Critical Function vulnerability in Dell Hybrid Client 1.0/1.1/1.1.01
Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability.
local
low complexity
dell CWE-306
7.8
7.8
2021-04-29 CVE-2020-21997 Missing Authentication for Critical Function vulnerability in Smartwares Home Easy Firmware
Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and information disclosure vulnerability.
network
low complexity
smartwares CWE-306
7.5
7.5
2021-04-28 CVE-2020-21996 Missing Authentication for Critical Function vulnerability in AVE products
AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution.
network
low complexity
ave CWE-306
7.5
7.5
2021-04-27 CVE-2020-17517 Missing Authentication for Critical Function vulnerability in Apache Ozone 0.4.2/0.5.0/1.0.0
The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default.
network
low complexity
apache CWE-306
7.5
7.5
2021-04-26 CVE-2020-15078 Missing Authentication for Critical Function vulnerability in multiple products
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
network
low complexity
openvpn fedoraproject canonical debian CWE-306
7.5
7.5
2021-04-26 CVE-2021-20697 Missing Authentication for Critical Function vulnerability in Dlink Dap-1880Ac Firmware 1.21
Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via unspecified vectors.
network
low complexity
dlink CWE-306
critical
 9.8
9.8