Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-04 | CVE-2024-35143 | Missing Authentication for Critical Function vulnerability in IBM products IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. | 9.1 |
| 2024-07-28 | CVE-2024-7154 | Missing Authentication for Critical Function vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. | 7.5 |
| 2024-07-25 | CVE-2024-7007 | Missing Authentication for Critical Function vulnerability in Positron Tra7005 Firmware 1.20 Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass exploit that could allow an attacker to have unauthorized access to protected areas of the application. | 9.8 |
| 2024-07-24 | CVE-2024-7079 | Missing Authentication for Critical Function vulnerability in Redhat Openshift Container Platform 3.11/4.0 A flaw was found in the Openshift console. | 6.5 |
| 2024-07-21 | CVE-2024-38437 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-225 Firmware Bz1.00.16 D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel | 9.8 |
| 2024-07-10 | CVE-2024-5910 | Missing Authentication for Critical Function vulnerability in Paloaltonetworks Expedition Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. | 9.8 |
| 2024-07-10 | CVE-2024-6422 | Missing Authentication for Critical Function vulnerability in Pepperl-Fuchs products An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data. | 9.8 |
| 2024-06-27 | CVE-2024-31916 | Missing Authentication for Critical Function vulnerability in IBM Openbmc IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. | 7.5 |
| 2024-06-13 | CVE-2024-5947 | Missing Authentication for Critical Function vulnerability in Deepseaelectronics Dse855 Firmware 1.1.0 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. | 6.5 |
| 2024-06-13 | CVE-2024-5951 | Missing Authentication for Critical Function vulnerability in Deepseaelectronics Dse855 Firmware 1.1.0 Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. | 6.5 |