Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-13 | CVE-2024-38279 | Missing Authentication for Critical Function vulnerability in Motorola Vigilant Fixed LPR Coms BOX Firmware The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes. | 4.6 |
2024-06-11 | CVE-2024-2013 | Missing Authentication for Critical Function vulnerability in Hitachienergy Foxman-Un and Unem An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway component that if exploited allows attackers without any access to interact with the services and the post-authentication attack surface. | 10.0 |
2024-06-06 | CVE-2024-22326 | Missing Authentication for Critical Function vulnerability in IBM Ds8900F Firmware IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40.93.0 could allow a remote user to create an LDAP connection with a valid username and empty password to establish an anonymous connection. | 6.3 |
2024-06-06 | CVE-2024-37152 | Missing Authentication for Critical Function vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 7.5 |
2024-03-15 | CVE-2024-2450 | Missing Authentication for Critical Function vulnerability in Mattermost Server Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to correctly verify account ownership when switching from email to SAML authentication, allowing an authenticated attacker to take over other user accounts via a crafted switch request under specific conditions. | 8.8 |
2024-02-18 | CVE-2022-48621 | Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
2024-02-14 | CVE-2024-25618 | Missing Authentication for Critical Function vulnerability in Joinmastodon Mastodon Mastodon is a free, open-source social network server based on ActivityPub. | 7.4 |
2024-02-14 | CVE-2024-23783 | Missing Authentication for Critical Function vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication. | 8.8 |
2024-02-06 | CVE-2023-40545 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingfederate 11.3.0 Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests. | 9.8 |
2024-02-06 | CVE-2024-23917 | Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | 9.8 |