Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-02 | CVE-2020-29389 | Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. | 9.8 |
| 2020-11-29 | CVE-2020-29379 | Missing Authentication for Critical Function vulnerability in Vsolcn V1600D-Mini Firmware and V1600D4L Firmware An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. | 5.5 |
| 2020-11-27 | CVE-2020-29138 | Missing Authentication for Critical Function vulnerability in Sagemcom F@St 3486 Router Firmware 4.109.0 Incorrect Access Control in the configuration backup path in SAGEMCOM F@ST3486 NET DOCSIS 3.0, software NET_4.109.0, allows remote unauthenticated users to download the router configuration file via the /backupsettings.conf URI, when any valid session is running. | 5.3 |
| 2020-11-24 | CVE-2020-29058 | Missing Authentication for Critical Function vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 9.8 |
| 2020-11-23 | CVE-2020-27985 | Missing Authentication for Critical Function vulnerability in Securityonionsolutions Security Onion Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, which allows the administrative user to obtain root access without using the sudo password by editing and executing /home/<user>/SecurityOnion/setup/so-setup. | 7.8 |
| 2020-11-18 | CVE-2020-3531 | Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system. | 9.8 |
| 2020-11-18 | CVE-2020-3392 | Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. | 7.5 |
| 2020-11-10 | CVE-2020-26824 | Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Legacy Ports Service, this has an impact to the integrity and availability of the service. | 10.0 |
| 2020-11-10 | CVE-2020-26823 | Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Service, this has an impact to the integrity and availability of the service. | 10.0 |
| 2020-11-10 | CVE-2020-26822 | Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of the service. | 10.0 |