Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-22 | CVE-2021-28148 | Missing Authentication for Critical Function vulnerability in Grafana One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. | 7.5 |
| 2021-03-16 | CVE-2020-28899 | Missing Authentication for Critical Function vulnerability in Zyxel products The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication, which allows remote unauthenticated attackers (via crafted JSON action data to /cgi-bin/gui.cgi) to use all features provided by the router. | 9.1 |
| 2021-03-10 | CVE-2020-35226 | Missing Authentication for Critical Function vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated users to modify the switch DHCP configuration by sending the corresponding write request command. | 7.1 |
| 2021-03-10 | CVE-2020-19419 | Missing Authentication for Critical Function vulnerability in Emerson Smart Wireless Gateway 1420 Firmware 4.6.59 Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to obtain sensitive device information from the administrator console without authentication. | 7.5 |
| 2021-03-10 | CVE-2021-28122 | Missing Authentication for Critical Function vulnerability in Open5Gs A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.x before 2.2.1. | 9.8 |
| 2021-03-09 | CVE-2020-27225 | Missing Authentication for Critical Function vulnerability in Eclipse Platform In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process. | 7.8 |
| 2021-03-09 | CVE-2021-20262 | Missing Authentication for Critical Function vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password. | 6.8 |
| 2021-03-05 | CVE-2021-27255 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 8.8 |
| 2021-03-05 | CVE-2021-26705 | Missing Authentication for Critical Function vulnerability in Squarebox Catdv An issue was discovered in SquareBox CatDV Server through 9.2. | 9.1 |
| 2021-03-05 | CVE-2021-27963 | Missing Authentication for Critical Function vulnerability in Sfcyazilim Sonlogger 4.1.3/4.2.3/5.1.3 SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). | 8.2 |