Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-30 | CVE-2020-12505 | Missing Authentication for Critical Function vulnerability in Wago products Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. | 8.2 |
| 2020-09-25 | CVE-2020-25747 | Missing Authentication for Critical Function vulnerability in Rubetek products The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. | 9.4 |
| 2020-09-24 | CVE-2020-15851 | Missing Authentication for Critical Function vulnerability in Nakivo Backup & Replication Transporter 9.4.0.R43656 Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. | 9.8 |
| 2020-09-23 | CVE-2019-16004 | Missing Authentication for Critical Function vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. | 6.5 |
| 2020-09-22 | CVE-2020-11856 | Missing Authentication for Critical Function vulnerability in Microfocus Operation Bridge Reporter Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. | 9.8 |
| 2020-09-22 | CVE-2020-3977 | Missing Authentication for Critical Function vulnerability in VMWare Horizon Daas 7.0.0/8.0.0/8.0.1 VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. | 6.5 |
| 2020-09-15 | CVE-2020-23512 | Missing Authentication for Critical Function vulnerability in VR CAM P1 Firmware VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication. | 9.8 |
| 2020-09-15 | CVE-2020-16098 | Missing Authentication for Critical Function vulnerability in Gallagher Command Centre It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6), all versions of 7.90 and earlier. | 9.8 |
| 2020-09-14 | CVE-2020-13289 | Missing Authentication for Critical Function vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 5.4 |
| 2020-09-10 | CVE-2020-13920 | Missing Authentication for Critical Function vulnerability in multiple products Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. | 5.9 |