Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-12 | CVE-2020-6309 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Application Server Java SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service. | 7.5 |
| 2020-08-12 | CVE-2020-6294 | Missing Authentication for Critical Function vulnerability in SAP Businessobjects Business Intelligence Platform 4.2/4.3 Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity. | 9.1 |
| 2020-08-07 | CVE-2020-16167 | Missing Authentication for Critical Function vulnerability in Robotemi Launcher OS 11969/13146 Missing Authentication for Critical Function in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to receive and answer calls intended for another temi user. | 9.1 |
| 2020-08-06 | CVE-2020-15136 | Missing Authentication for Critical Function vulnerability in multiple products In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. | 6.5 |
| 2020-08-05 | CVE-2020-15127 | Missing Authentication for Critical Function vulnerability in Projectcontour Contour In Contour ( Ingress controller for Kubernetes) before version 1.7.0, a bad actor can shut down all instances of Envoy, essentially killing the entire ingress data plane. | 7.5 |
| 2020-07-31 | CVE-2020-3461 | Missing Authentication for Critical Function vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. | 5.3 |
| 2020-07-31 | CVE-2020-3376 | Missing Authentication for Critical Function vulnerability in Cisco Data Center Network Manager A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device. | 9.8 |
| 2020-07-29 | CVE-2020-2076 | Missing Authentication for Critical Function vulnerability in Sick Package Analytics 04.0.0 SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. | 9.8 |
| 2020-07-23 | CVE-2020-15391 | Missing Authentication for Critical Function vulnerability in Devspace 4.13.0 The UI in DevSpace 4.13.0 allows web sites to execute actions on pods (on behalf of a victim) because of a lack of authentication for the WebSocket protocol. | 9.8 |
| 2020-07-22 | CVE-2020-15894 | Missing Authentication for Critical Function vulnerability in Dlink Dir-816L Firmware 2.06/2.06.B09 An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. | 7.5 |