Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2021-03-09 CVE-2020-27225 Missing Authentication for Critical Function vulnerability in Eclipse Platform
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process.
local
low complexity
eclipse CWE-306
4.6
4.6
2021-03-09 CVE-2021-20262 Missing Authentication for Critical Function vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password.
local
low complexity
redhat CWE-306
4.6
4.6
2021-03-05 CVE-2021-27255 Missing Authentication for Critical Function vulnerability in Netgear products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76.
low complexity
netgear CWE-306
8.3
8.3
2021-03-05 CVE-2021-26705 Missing Authentication for Critical Function vulnerability in Squarebox Catdv
An issue was discovered in SquareBox CatDV Server through 9.2.
network
low complexity
squarebox CWE-306
6.4
6.4
2021-03-05 CVE-2021-27963 Missing Authentication for Critical Function vulnerability in Sfcyazilim Sonlogger 4.1.3/4.2.3/5.1.3
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin).
network
low complexity
sfcyazilim CWE-306
6.4
6.4
2021-03-03 CVE-2021-27215 Missing Authentication for Critical Function vulnerability in Genua Genuagate 10.1/9.0/9.6.0
An issue was discovered in genua genugate before 9.0 Z p19, 9.1.x through 9.6.x before 9.6 p7, and 10.x before 10.1 p4.
network
low complexity
genua CWE-306
7.5
7.5
2021-02-27 CVE-2019-25020 Missing Authentication for Critical Function vulnerability in Scytl Secure Vote 2.1
An issue was discovered in Scytl sVote 2.1.
network
low complexity
scytl CWE-306
5.0
5.0
2021-02-24 CVE-2021-1396 Missing Authentication for Critical Function vulnerability in Cisco products
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes.
network
low complexity
cisco CWE-306
6.5
6.5
2021-02-24 CVE-2021-1393 Missing Authentication for Critical Function vulnerability in Cisco products
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes.
network
low complexity
cisco CWE-306
critical
 9.8
9.8
2021-02-24 CVE-2021-20662 Missing Authentication for Critical Function vulnerability in Contec Sv-Cpt-Mc310 Firmware
Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified vectors.
network
low complexity
contec CWE-306
5.0
5.0