Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-06	CVE-2020-24217	Missing Authentication for Critical Function vulnerability in multiple products An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. network low complexity szuray jtechdigital provideoinstruments CWE-306 critical	9.8
2020-10-05	CVE-2020-6875	Missing Authentication for Critical Function vulnerability in ZTE Zxone 19700 Snpe Firmware Zxone8700V1.40R2B13Snpe A ZTE product is impacted by the improper access control vulnerability. network low complexity zte CWE-306 critical	9.8
2020-10-05	CVE-2020-26061	Missing Authentication for Critical Function vulnerability in Clickstudios Passwordstate 8.3 ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. network low complexity clickstudios CWE-306	7.5
2020-10-02	CVE-2020-12127	Missing Authentication for Critical Function vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication. network low complexity wavlink CWE-306	7.5
2020-10-01	CVE-2020-9487	Missing Authentication for Critical Function vulnerability in Apache Nifi In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to use the token to access the content. network low complexity apache CWE-306	7.5
2020-09-30	CVE-2020-19670	Missing Authentication for Critical Function vulnerability in Niushop 1.11 In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords. network low complexity niushop CWE-306	4.9
2020-09-25	CVE-2020-25747	Missing Authentication for Critical Function vulnerability in Rubetek products The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. network low complexity rubetek CWE-306 critical	9.4
2020-09-24	CVE-2020-15851	Missing Authentication for Critical Function vulnerability in Nakivo Backup & Replication Transporter 9.4.0.R43656 Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. network low complexity nakivo CWE-306 critical	9.8
2020-09-23	CVE-2019-16004	Missing Authentication for Critical Function vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. network low complexity cisco CWE-306	6.5
2020-09-22	CVE-2020-11856	Missing Authentication for Critical Function vulnerability in Microfocus Operation Bridge Reporter Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. network low complexity microfocus CWE-306 critical	9.8