Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-08 | CVE-2021-35979 | Missing Authentication for Critical Function vulnerability in Digi products An issue was discovered in Digi RealPort through 4.8.488.0. | 8.1 |
| 2021-10-04 | CVE-2021-23858 | Missing Authentication for Critical Function vulnerability in Bosch products Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. | 7.5 |
| 2021-10-04 | CVE-2021-39879 | Missing Authentication for Critical Function vulnerability in Gitlab Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication | 3.5 |
| 2021-09-28 | CVE-2021-41104 | Missing Authentication for Critical Function vulnerability in Esphome Firmware 2021.9.1 ESPHome is a system to control the ESP8266/ESP32. | 7.5 |
| 2021-09-23 | CVE-2021-22012 | Missing Authentication for Critical Function vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. | 7.5 |
| 2021-09-21 | CVE-2021-37420 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Admanager Plus 6.1 Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoofing. | 6.5 |
| 2021-09-17 | CVE-2021-38412 | Missing Authentication for Critical Function vulnerability in Digi Portserver TS 16 Firmware 82000684/82000685 Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. | 9.8 |
| 2021-09-14 | CVE-2019-10941 | Missing Authentication for Critical Function vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). | 5.3 |
| 2021-09-09 | CVE-2021-28913 | Missing Authentication for Critical Function vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. | 9.8 |
| 2021-09-09 | CVE-2021-38540 | Missing Authentication for Critical Function vulnerability in Apache Airflow The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. | 9.8 |