Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-41351 | Missing Authentication for Critical Function vulnerability in Nokia G-040W-Q Firmware G040Wqr201207 Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated remote attacker to bypass the authentication mechanism to log in to the device by an alternative URL. | 9.8 |
| 2023-10-31 | CVE-2023-46249 | Missing Authentication for Critical Function vulnerability in Goauthentik Authentik authentik is an open-source Identity Provider. | 9.8 |
| 2023-10-31 | CVE-2023-46978 | Missing Authentication for Critical Function vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication. | 7.5 |
| 2023-10-26 | CVE-2023-46747 | Missing Authentication for Critical Function vulnerability in F5 products Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | 9.8 |
| 2023-10-25 | CVE-2023-40401 | Missing Authentication for Critical Function vulnerability in Apple Macos The issue was addressed with additional permissions checks. | 7.5 |
| 2023-10-25 | CVE-2023-42845 | Missing Authentication for Critical Function vulnerability in Apple Ipados, Iphone OS and Macos An authentication issue was addressed with improved state management. | 5.3 |
| 2023-10-25 | CVE-2023-26570 | Missing Authentication for Critical Function vulnerability in Idattend Idweb Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers. | 7.5 |
| 2023-10-25 | CVE-2023-26571 | Missing Authentication for Critical Function vulnerability in Idattend Idweb Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and earlier allows modification of student data by unauthenticated attackers. | 7.5 |
| 2023-10-25 | CVE-2023-26573 | Missing Authentication for Critical Function vulnerability in Idattend Idweb Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials. | 9.1 |
| 2023-10-25 | CVE-2023-26574 | Missing Authentication for Critical Function vulnerability in Idattend Idweb Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers. | 7.5 |