Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-08 | CVE-2021-28809 | Missing Authentication for Critical Function vulnerability in Qnap Hybrid Backup Sync 3.0.210411/3.0.210412/3.0.210506 An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. | 9.8 |
| 2021-07-07 | CVE-2021-20474 | Missing Authentication for Critical Function vulnerability in IBM Guardium Data Encryption 3.0.0.2/4.0.0.4 IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. | 7.5 |
| 2021-07-07 | CVE-2021-33221 | Missing Authentication for Critical Function vulnerability in Commscope Ruckus IOT Controller 1.7.1.0 An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 9.8 |
| 2021-07-07 | CVE-2021-34621 | Missing Authentication for Critical Function vulnerability in Properfraction Profilepress A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress WordPress plugin made it possible for users to register on sites as an administrator. | 9.8 |
| 2021-06-30 | CVE-2021-20107 | Missing Authentication for Critical Function vulnerability in Sloan products There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. | 5.4 |
| 2021-06-29 | CVE-2021-35941 | Missing Authentication for Critical Function vulnerability in Westerndigital products Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472. | 7.5 |
| 2021-06-28 | CVE-2021-31337 | Missing Authentication for Critical Function vulnerability in Siemens products The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. | 9.8 |
| 2021-06-24 | CVE-2021-32709 | Missing Authentication for Critical Function vulnerability in Shopware Shopware is an open source eCommerce platform. | 4.9 |
| 2021-06-24 | CVE-2021-33346 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2888A Firmware There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. | 9.8 |
| 2021-06-22 | CVE-2021-32700 | Missing Authentication for Critical Function vulnerability in Ballerina and Swan Lake Ballerina is an open source programming language and platform for cloud application programmers. | 7.4 |