Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2019-12-18 CVE-2019-5078 Missing Authentication for Critical Function vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware
An exploitable denial of service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12).
network
low complexity
wago CWE-306
critical
 9.4
9.4
2019-12-18 CVE-2019-5077 Missing Authentication for Critical Function vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware
An exploitable denial-of-service vulnerability exists in the iocheckd service ‘’I/O-Chec’’ functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC 100 Firmware version 03.00.39(12).
network
low complexity
wago CWE-306
8.5
8.5
2019-12-18 CVE-2019-8682 Missing Authentication for Critical Function vulnerability in Apple Iphone OS
The issue was addressed with improved UI handling.
local
low complexity
apple CWE-306
2.1
2.1
2019-12-18 CVE-2019-5152 Missing Authentication for Critical Function vulnerability in Shadowsocks Shadowsocks-Libev 3.3.2
An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. 		5.8
5.8
2019-12-13 CVE-2019-16731 Missing Authentication for Critical Function vulnerability in multiple products
The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to initiate firmware upgrades and alter device settings.
network
low complexity
skymee petwant CWE-306
5.0
5.0
2019-12-12 CVE-2019-18339 Missing Authentication for Critical Function vulnerability in Siemens products
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0).
network
low complexity
siemens CWE-306
critical
 9.8
9.8
2019-12-12 CVE-2019-18311 Missing Authentication for Critical Function vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).
network
low complexity
siemens CWE-306
5.0
5.0
2019-12-12 CVE-2019-18284 Missing Authentication for Critical Function vulnerability in Siemens Sppa-T3000 Application Server R8.2
A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).
network
low complexity
siemens CWE-306
5.0
5.0
2019-12-12 CVE-2019-15932 Missing Authentication for Critical Function vulnerability in Intesync Solismed 3.3
Intesync Solismed 3.3sp has Incorrect Access Control.
network
low complexity
intesync CWE-306
7.5
7.5
2019-12-10 CVE-2019-4244 Missing Authentication for Critical Function vulnerability in IBM Smartcloud Analytics LOG Analysis
IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication.
network
low complexity
ibm CWE-306
6.4
6.4