Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-26 | CVE-2020-15483 | Missing Authentication for Critical Function vulnerability in Niscomed M1000 Multipara Patient Monitor Firmware An issue was discovered on Nescomed Multipara Monitor M1000 devices. | 6.8 |
| 2020-08-21 | CVE-2020-24051 | Missing Authentication for Critical Function vulnerability in Moog Exvf5C-2 Firmware and Exvp7C2-3 Firmware The Moog EXO Series EXVF5C-2 and EXVP7C2-3 units support the ONVIF interoperability IP-based physical security protocol, which requires authentication for some of its operations. | 9.8 |
| 2020-08-17 | CVE-2020-3448 | Missing Authentication for Critical Function vulnerability in Cisco Cyber Vision Center A vulnerability in an access control mechanism of Cisco Cyber Vision Center Software could allow an unauthenticated, remote attacker to bypass authentication and access internal services that are running on an affected device. | 5.8 |
| 2020-08-14 | CVE-2020-17475 | Missing Authentication for Critical Function vulnerability in Megvii Koala Firmware 2.9.1C3S Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000. | 7.5 |
| 2020-08-14 | CVE-2019-5591 | Missing Authentication for Critical Function vulnerability in Fortinet Fortios A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server. | 6.5 |
| 2020-08-12 | CVE-2020-12106 | Missing Authentication for Critical Function vulnerability in Stengg Vpncrypt M10 Firmware 2.6.5 The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point. | 9.8 |
| 2020-08-12 | CVE-2020-6309 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Application Server Java SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service. | 7.5 |
| 2020-08-12 | CVE-2020-6294 | Missing Authentication for Critical Function vulnerability in SAP Businessobjects Business Intelligence Platform 4.2/4.3 Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity. | 9.1 |
| 2020-08-07 | CVE-2020-16167 | Missing Authentication for Critical Function vulnerability in Robotemi Launcher OS 11969/13146 Missing Authentication for Critical Function in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to receive and answer calls intended for another temi user. | 9.1 |
| 2020-08-06 | CVE-2020-15136 | Missing Authentication for Critical Function vulnerability in multiple products In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. | 6.5 |