Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-17 | CVE-2021-38412 | Missing Authentication for Critical Function vulnerability in Digi Portserver TS 16 Firmware 82000684/82000685 Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. | 9.8 |
| 2021-09-14 | CVE-2019-10941 | Missing Authentication for Critical Function vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). | 5.3 |
| 2021-09-13 | CVE-2021-33543 | Missing Authentication for Critical Function vulnerability in Geutebrueck products Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. | 9.8 |
| 2021-09-09 | CVE-2021-28913 | Missing Authentication for Critical Function vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. | 9.8 |
| 2021-09-09 | CVE-2021-38540 | Missing Authentication for Critical Function vulnerability in Apache Airflow The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. | 9.8 |
| 2021-09-07 | CVE-2021-32800 | Missing Authentication for Critical Function vulnerability in Nextcloud Server Nextcloud server is an open source, self hosted personal cloud. | 8.1 |
| 2021-09-01 | CVE-2021-37415 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Servicedesk Plus Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication. | 9.8 |
| 2021-08-31 | CVE-2021-27668 | Missing Authentication for Critical Function vulnerability in Hashicorp Vault HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR secondaries without authentication. | 5.3 |
| 2021-08-25 | CVE-2021-33882 | Missing Authentication for Critical Function vulnerability in Bbraun Spacecom2 A Missing Authentication for Critical Function vulnerability in B. | 8.6 |
| 2021-08-19 | CVE-2021-31868 | Missing Authentication for Critical Function vulnerability in Rapid7 Nexpose Rapid7 Nexpose version 6.6.95 and earlier allows authenticated users of the Security Console to view and edit any ticket in the legacy ticketing feature, regardless of the assignment of the ticket. | 5.4 |