Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-31 | CVE-2021-22995 | Missing Authentication for Critical Function vulnerability in F5 Big-Iq Centralized Management On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum device for automatic failover does not implement any form of authentication with the Corosync daemon. | 7.5 |
| 2021-03-29 | CVE-2020-25218 | Missing Authentication for Critical Function vulnerability in Grandstream products Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication Bypass in its administrative web interface. | 9.8 |
| 2021-03-22 | CVE-2021-28148 | Missing Authentication for Critical Function vulnerability in Grafana One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. | 7.5 |
| 2021-03-16 | CVE-2020-28899 | Missing Authentication for Critical Function vulnerability in Zyxel products The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication, which allows remote unauthenticated attackers (via crafted JSON action data to /cgi-bin/gui.cgi) to use all features provided by the router. | 9.1 |
| 2021-03-10 | CVE-2020-35226 | Missing Authentication for Critical Function vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated users to modify the switch DHCP configuration by sending the corresponding write request command. | 7.1 |
| 2021-03-10 | CVE-2020-19419 | Missing Authentication for Critical Function vulnerability in Emerson Smart Wireless Gateway 1420 Firmware 4.6.59 Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to obtain sensitive device information from the administrator console without authentication. | 7.5 |
| 2021-03-10 | CVE-2021-28122 | Missing Authentication for Critical Function vulnerability in Open5Gs A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.x before 2.2.1. | 9.8 |
| 2021-03-09 | CVE-2020-27225 | Missing Authentication for Critical Function vulnerability in Eclipse Platform In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process. | 7.8 |
| 2021-03-05 | CVE-2021-26705 | Missing Authentication for Critical Function vulnerability in Squarebox Catdv An issue was discovered in SquareBox CatDV Server through 9.2. | 9.1 |
| 2021-03-05 | CVE-2021-27963 | Missing Authentication for Critical Function vulnerability in Sfcyazilim Sonlogger 4.1.3/4.2.3/5.1.3 SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). | 8.2 |