Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-15 | CVE-2020-35462 | Missing Authentication for Critical Function vulnerability in Coscale Agent Project Coscale Agent 3.16.0 Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. | 9.8 |
| 2020-12-14 | CVE-2020-25228 | Missing Authentication for Critical Function vulnerability in Siemens Logo! 8 BM Firmware A vulnerability has been identified in LOGO! 8 BM (incl. | 9.8 |
| 2020-12-14 | CVE-2020-16102 | Missing Authentication for Critical Function vulnerability in Gallagher Command Centre Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote attacker to create items with invalid configuration, potentially causing the server to crash and fail to restart. | 8.2 |
| 2020-12-11 | CVE-2020-7540 | Missing Authentication for Critical Function vulnerability in Schneider-Electric products A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests. | 9.8 |
| 2020-12-10 | CVE-2020-29311 | Missing Authentication for Critical Function vulnerability in Ubilling 1.0.9 Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software. | 9.8 |
| 2020-12-09 | CVE-2020-26829 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Application Server Java SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. | 10.0 |
| 2020-12-08 | CVE-2020-27902 | Missing Authentication for Critical Function vulnerability in Apple Iphone OS An authentication issue was addressed with improved state management. | 4.6 |
| 2020-12-08 | CVE-2020-28946 | Missing Authentication for Critical Function vulnerability in Plummac Ik-401 Firmware An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credential data. | 7.5 |
| 2020-12-02 | CVE-2020-29389 | Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. | 9.8 |
| 2020-11-29 | CVE-2020-29379 | Missing Authentication for Critical Function vulnerability in Vsolcn V1600D-Mini Firmware and V1600D4L Firmware An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. | 5.5 |