Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-24	CVE-2020-29058	Missing Authentication for Critical Function vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. network low complexity cdatatec CWE-306 critical	9.8
2020-11-23	CVE-2020-27985	Missing Authentication for Critical Function vulnerability in Securityonionsolutions Security Onion Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, which allows the administrative user to obtain root access without using the sudo password by editing and executing /home/<user>/SecurityOnion/setup/so-setup. local low complexity securityonionsolutions CWE-306	7.8
2020-11-18	CVE-2020-3531	Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system. network low complexity cisco CWE-306 critical	9.8
2020-11-18	CVE-2020-3392	Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. network low complexity cisco CWE-306	7.5
2020-11-10	CVE-2020-26824	Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Legacy Ports Service, this has an impact to the integrity and availability of the service. network low complexity sap CWE-306 critical	10.0
2020-11-10	CVE-2020-26823	Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Service, this has an impact to the integrity and availability of the service. network low complexity sap CWE-306 critical	10.0
2020-11-10	CVE-2020-26822	Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery Configuration Service, this has an impact to the integrity and availability of the service. network low complexity sap CWE-306 critical	10.0
2020-11-10	CVE-2020-26821	Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Service, this has an impact to the integrity and availability of the service. network low complexity sap CWE-306 critical	10.0
2020-11-09	CVE-2020-27019	Missing Authentication for Critical Function vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 8.5.1.1516/9.0/9.1 Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key. local low complexity trendmicro CWE-306	5.5
2020-11-06	CVE-2020-10291	Missing Authentication for Critical Function vulnerability in Kuka Visual Components Network License Server 2.0.8 Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. network low complexity kuka CWE-306	7.5