Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-23 | CVE-2020-10874 | Missing Authentication for Critical Function vulnerability in Motorola products Motorola FX9500 devices allow remote attackers to read database files. | 7.5 |
| 2020-03-23 | CVE-2020-7479 | Missing Authentication for Critical Function vulnerability in Schneider-Electric Interactive Graphical Scada System 14.0/14.0.0.19120 A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service. | 7.8 |
| 2020-03-23 | CVE-2020-8497 | Missing Authentication for Critical Function vulnerability in Artica Pandora FMS In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. | 5.3 |
| 2020-03-20 | CVE-2019-16258 | Missing Authentication for Critical Function vulnerability in Hom.Ee Brain Cube Core 2.23.0 The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface. | 6.8 |
| 2020-03-19 | CVE-2019-15654 | Missing Authentication for Critical Function vulnerability in Comba Ac2400 Firmware Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. | 7.5 |
| 2020-03-19 | CVE-2019-12127 | Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform In ONAP OOM through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. | 9.8 |
| 2020-03-19 | CVE-2019-12126 | Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform In ONAP DCAE through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. | 9.8 |
| 2020-03-19 | CVE-2019-12125 | Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform In ONAP Logging through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. | 9.8 |
| 2020-03-19 | CVE-2019-12130 | Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform In ONAP CLI through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. | 9.8 |
| 2020-03-19 | CVE-2019-12129 | Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform In ONAP MSB through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. | 9.8 |