Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2021-06-09 CVE-2021-23847 Missing Authentication for Critical Function vulnerability in Bosch Cpp6 Firmware, Cpp7.3 Firmware and Cpp7 Firmware
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device.
network
low complexity
bosch CWE-306
critical
 9.1
9.1
2021-06-04 CVE-2021-26928 Missing Authentication for Critical Function vulnerability in NIC Bird
BIRD through 2.0.7 does not provide functionality for password authentication of BGP peers.
network
high complexity
nic CWE-306
6.8
6.8
2021-06-03 CVE-2021-22316 Missing Authentication for Critical Function vulnerability in Huawei Emui and Magic UI
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.
low complexity
huawei CWE-306
6.8
6.8
2021-06-03 CVE-2021-22322 Missing Authentication for Critical Function vulnerability in Huawei Emui and Magic UI
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.
network
low complexity
huawei CWE-306
7.5
7.5
2021-05-26 CVE-2020-25634 Missing Authentication for Critical Function vulnerability in Redhat 3Scale and 3Scale API Management
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials.
network
low complexity
redhat CWE-306
5.4
5.4
2021-05-26 CVE-2021-21986 Missing Authentication for Critical Function vulnerability in VMWare Vcenter Server 6.5/6.7/7.0
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins.
network
low complexity
vmware CWE-306
critical
 9.8
9.8
2021-05-25 CVE-2021-30190 Missing Authentication for Critical Function vulnerability in Codesys V2 web Server
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.
network
low complexity
codesys CWE-306
critical
 9.8
9.8
2021-05-17 CVE-2020-4670 Missing Authentication for Critical Function vulnerability in IBM Planning Analytics Cloud and Planning Analytics Local
IBM Planning Analytics Local 2.0 connects to a Redis server.
network
low complexity
ibm CWE-306
critical
 9.1
9.1
2021-05-17 CVE-2021-32453 Missing Authentication for Critical Function vulnerability in Sitel-Sa Cap/Prx Firmware 5.2.01
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication.
local
low complexity
sitel-sa CWE-306
3.3
3.3
2021-05-13 CVE-2021-20998 Missing Authentication for Critical Function vulnerability in Wago products
In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.
network
low complexity
wago CWE-306
critical
 9.8
9.8