Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-23 | CVE-2021-20198 | Missing Authentication for Critical Function vulnerability in Redhat Openshift Installer A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. | 6.8 |
| 2021-02-17 | CVE-2021-26697 | Missing Authentication for Critical Function vulnerability in Apache Airflow 2.0.0 The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. | 5.3 |
| 2021-02-11 | CVE-2021-22652 | Missing Authentication for Critical Function vulnerability in Advantech Iview 5.6 Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution. | 7.5 |
| 2021-02-09 | CVE-2020-26192 | Missing Authentication for Critical Function vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. | 4.6 |
| 2021-02-09 | CVE-2021-21472 | Missing Authentication for Critical Function vulnerability in SAP Software Provisioning Manager 1.0 SAP Software Provisioning Manager 1.0 (SAP NetWeaver Master Data Management Server 7.1) does not have an option to set password during its installation, this allows an authenticated attacker to perform various security attacks like Directory Traversal, Password Brute force Attack, SMB Relay attack, Security Downgrade. | 8.8 |
| 2021-02-09 | CVE-2020-15798 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. | 9.8 |
| 2021-02-05 | CVE-2020-10537 | Missing Authentication for Critical Function vulnerability in Epikur 20.1.0.1 An issue was discovered in Epikur before 20.1.1. | 4.6 |
| 2021-01-27 | CVE-2021-25312 | Missing Authentication for Critical Function vulnerability in Wisc Htcondor HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method. | 6.5 |
| 2021-01-21 | CVE-2020-4958 | Missing Authentication for Critical Function vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. | 7.5 |
| 2021-01-19 | CVE-2020-27272 | Missing Authentication for Critical Function vulnerability in Sooil products SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the insulin pump and AnyDana-i,AnyDana-A mobile apps doesn't use adequate measures to authenticate the pump before exchanging keys, which allows unauthenticated, physically proximate attackers to eavesdrop the keys and spoof the pump via BLE. | 2.9 |