Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2020-03-19 CVE-2019-12128 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform
In ONAP SO through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication.
network
low complexity
onap CWE-306
critical
 9.8
9.8
2020-03-18 CVE-2019-12120 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP VNFSDK through Dublin.
network
low complexity
onap CWE-306
critical
 9.8
9.8
2020-03-18 CVE-2019-12119 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-306
critical
 9.8
9.8
2020-03-18 CVE-2019-12118 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-306
critical
 9.8
9.8
2020-03-18 CVE-2019-12117 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-306
critical
 9.8
9.8
2020-03-18 CVE-2019-12116 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-306
critical
 9.8
9.8
2020-03-18 CVE-2019-12115 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform
An issue was discovered in ONAP SDC through Dublin.
network
low complexity
onap CWE-306
critical
 9.8
9.8
2020-03-18 CVE-2019-12114 Missing Authentication for Critical Function vulnerability in Onap Open Network Automation Platform 3.0.0/3.0.1/3.0.2
An issue was discovered in ONAP HOLMES before Dublin.
network
low complexity
onap CWE-306
critical
 9.8
9.8
2020-03-18 CVE-2020-9325 Missing Authentication for Critical Function vulnerability in Aquaforest Tiff Server 4.0
Aquaforest TIFF Server 4.0 allows Unauthenticated Arbitrary File Download.
network
low complexity
aquaforest CWE-306
7.5
7.5
2020-03-18 CVE-2020-8598 Missing Authentication for Critical Function vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges.
network
low complexity
trendmicro CWE-306
critical
 9.8
9.8