Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2020-12-17 CVE-2020-35195 Missing Authentication for Critical Function vulnerability in Docker Haproxy Docker Image
The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35192 Missing Authentication for Critical Function vulnerability in Hashicorp Vault
The official vault docker images before 0.11.6 contain a blank password for a root user.
network
low complexity
hashicorp CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35191 Missing Authentication for Critical Function vulnerability in Drupal Docker Images 8.3.0Fpmalpine/8.3.1Fpmalpine/8.5.10Fpmalpine
The official drupal docker images before 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
drupal CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35190 Missing Authentication for Critical Function vulnerability in Plone
The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
plone CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35186 Missing Authentication for Critical Function vulnerability in Docker Adminer
The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35184 Missing Authentication for Critical Function vulnerability in Docker Composer Docker Image
The official composer docker images before 1.8.3 contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35189 Missing Authentication for Critical Function vulnerability in Kong Alpine Docker Image
The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
kong CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35187 Missing Authentication for Critical Function vulnerability in Influxdata Telegraf
The official telegraf docker images before 1.9.4-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
influxdata CWE-306
critical
 9.8
9.8
2020-12-17 CVE-2020-35185 Missing Authentication for Critical Function vulnerability in Docker Ghost Alpine Docker Image
The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
 9.8
9.8
2020-12-16 CVE-2020-28929 Missing Authentication for Critical Function vulnerability in Epson EPS TSE Server 8 Firmware 21.0.11
Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI.
network
low complexity
epson CWE-306
critical
 9.8
9.8