Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-05 | CVE-2020-26061 | Missing Authentication for Critical Function vulnerability in Clickstudios Passwordstate 8.3 ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. | 7.5 |
| 2020-10-02 | CVE-2020-12127 | Missing Authentication for Critical Function vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication. | 7.5 |
| 2020-10-01 | CVE-2020-9487 | Missing Authentication for Critical Function vulnerability in Apache Nifi In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to use the token to access the content. | 7.5 |
| 2020-09-30 | CVE-2020-19670 | Missing Authentication for Critical Function vulnerability in Niushop 1.11 In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords. | 4.9 |
| 2020-09-25 | CVE-2020-25747 | Missing Authentication for Critical Function vulnerability in Rubetek products The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. | 9.4 |
| 2020-09-24 | CVE-2020-15851 | Missing Authentication for Critical Function vulnerability in Nakivo Backup & Replication Transporter 9.4.0.R43656 Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. | 9.8 |
| 2020-09-23 | CVE-2019-16004 | Missing Authentication for Critical Function vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. | 6.5 |
| 2020-09-22 | CVE-2020-11856 | Missing Authentication for Critical Function vulnerability in Microfocus Operation Bridge Reporter Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. | 9.8 |
| 2020-09-22 | CVE-2020-3977 | Missing Authentication for Critical Function vulnerability in VMWare Horizon Daas 7.0.0/8.0.0/8.0.1 VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. | 6.5 |
| 2020-09-15 | CVE-2020-23512 | Missing Authentication for Critical Function vulnerability in VR CAM P1 Firmware VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication. | 9.8 |