Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2021-01-21 CVE-2020-4958 Missing Authentication for Critical Function vulnerability in IBM Security Identity Governance and Intelligence 5.2.6
IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
network
low complexity
ibm CWE-306
critical
 9.8
9.8
2021-01-19 CVE-2021-22850 Missing Authentication for Critical Function vulnerability in Hgiga Oaklouds Portal
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions.
network
low complexity
hgiga CWE-306
critical
 9.8
9.8
2021-01-13 CVE-2020-9143 Missing Authentication for Critical Function vulnerability in Huawei Emui and Magic UI
There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure.
network
low complexity
huawei CWE-306
5.3
5.3
2021-01-06 CVE-2020-27285 Missing Authentication for Critical Function vulnerability in Redlion Crimson 3.1
The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database without authentication.
network
low complexity
redlion CWE-306
critical
 9.1
9.1
2021-01-01 CVE-2020-35951 Missing Authentication for Critical Function vulnerability in Expresstech Quiz and Survey Master
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress.
network
low complexity
expresstech CWE-306
critical
 9.9
9.9
2020-12-29 CVE-2020-9208 Missing Authentication for Critical Function vulnerability in Huawei Imanager Neteco 6000 V600R021C00
There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00.
network
low complexity
huawei CWE-306
6.5
6.5
2020-12-23 CVE-2020-29551 Missing Authentication for Critical Function vulnerability in Urve 24.03.2020
An issue was discovered in URVE Build 24.03.2020.
network
low complexity
urve CWE-306
critical
 9.1
9.1
2020-12-22 CVE-2020-24580 Missing Authentication for Critical Function vulnerability in Dlink Dsl2888A Firmware
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.
high complexity
dlink CWE-306
7.5
7.5
2020-12-17 CVE-2020-35197 Missing Authentication for Critical Function vulnerability in Docker Memcached Docker Image
The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35196 Missing Authentication for Critical Function vulnerability in Docker Rabbitmq Docker Image 3.7.12
The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
 9.8
9.8