Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-18	CVE-2020-3531	Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system. network low complexity cisco CWE-306 critical	10.0
2020-11-18	CVE-2020-3392	Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. network low complexity cisco CWE-306	5.0
2020-11-06	CVE-2020-10291	Missing Authentication for Critical Function vulnerability in Kuka Visual Components Network License Server 2.0.8 Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. network low complexity kuka CWE-306	5.0
2020-10-28	CVE-2020-25966	Missing Authentication for Critical Function vulnerability in Sectona Spectra 3.2.0 Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. network low complexity sectona CWE-306	7.5
2020-10-21	CVE-2018-11764	Missing Authentication for Critical Function vulnerability in Apache Hadoop 3.0.0 Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. network low complexity apache CWE-306 critical	9.0
2020-10-20	CVE-2020-7370	Missing Authentication for Critical Function vulnerability in Boltbrowser Bolt Browser User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented in the browser. network boltbrowser CWE-306	4.3
2020-10-20	CVE-2020-7369	Missing Authentication for Critical Function vulnerability in Yandex Browser User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. network yandex CWE-306	4.3
2020-10-15	CVE-2020-12500	Missing Authentication for Critical Function vulnerability in Pepperl-Fuchs products Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration. network low complexity pepperl-fuchs CWE-306	7.5
2020-10-09	CVE-2020-13955	Missing Authentication for Critical Function vulnerability in Apache Calcite HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. network apache CWE-306	4.3
2020-10-08	CVE-2020-15243	Missing Authentication for Critical Function vulnerability in Smartstore 4.0.0/4.0.1 Affected versions of Smartstore have a missing WebApi Authentication attribute. network low complexity smartstore CWE-306	7.5