Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-20 | CVE-2020-12028 | Missing Authentication for Critical Function vulnerability in Rockwellautomation Factorytalk View In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. | 8.1 |
| 2020-07-17 | CVE-2020-10605 | Missing Authentication for Critical Function vulnerability in Grundfos CIM 500 Firmware Grundfos CIM 500 before v06.16.00 responds to unauthenticated requests for password storage files. | 7.5 |
| 2020-07-16 | CVE-2020-13405 | Missing Authentication for Critical Function vulnerability in Microweber userfiles/modules/users/controller/controller.php in Microweber before 1.1.20 allows an unauthenticated user to disclose the users database via a /modules/ POST request. | 7.5 |
| 2020-07-15 | CVE-2020-14501 | Missing Authentication for Critical Function vulnerability in Advantech Iview 5.6 Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. | 9.8 |
| 2020-07-14 | CVE-2020-5373 | Missing Authentication for Critical Function vulnerability in Dell EMC Omimssc for Sccm and EMC Omimssc for Scvmm Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an improper authentication vulnerability. | 7.5 |
| 2020-07-14 | CVE-2020-10044 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). | 7.5 |
| 2020-07-14 | CVE-2020-10038 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). | 9.8 |
| 2020-07-14 | CVE-2020-6287 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Application Server Java SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check. | 10.0 |
| 2020-07-03 | CVE-2020-10282 | Missing Authentication for Critical Function vulnerability in Dronecode Micro AIR Vehicle Link 1.0.0 The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version 1.0 (nor authorization) whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. | 9.8 |
| 2020-07-02 | CVE-2020-5910 | Missing Authentication for Critical Function vulnerability in F5 Nginx Controller In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized. | 7.5 |