Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2024-08-30 CVE-2024-39300 Missing Authentication for Critical Function vulnerability in Elecom Wab-I1750-Ps Firmware
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier.
network
high complexity
elecom CWE-306
3.7
2024-08-27 CVE-2024-7940 Missing Authentication for Critical Function vulnerability in Hitachienergy Microscada X Sys600
The product exposes a service that is intended for local only to all network interfaces without any authentication.
network
low complexity
hitachienergy CWE-306
critical
9.8
2024-08-27 CVE-2024-7125 Missing Authentication for Critical Function vulnerability in Hitachi OPS Center Common Services 10.9.300
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01.
local
low complexity
hitachi CWE-306
7.8
2024-08-22 CVE-2024-35151 Missing Authentication for Critical Function vulnerability in IBM Openpages GRC Platform and Openpages With Watson
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs.
network
low complexity
ibm CWE-306
6.5
2024-08-13 CVE-2024-35124 Missing Authentication for Critical Function vulnerability in IBM Openbmc
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC.
network
high complexity
ibm CWE-306
7.5
2024-08-04 CVE-2024-35143 Missing Authentication for Critical Function vulnerability in IBM products
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server.
network
low complexity
ibm CWE-306
critical
9.1
2024-07-28 CVE-2024-7154 Missing Authentication for Critical Function vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513.
network
low complexity
totolink CWE-306
7.5
2024-07-25 CVE-2024-7007 Missing Authentication for Critical Function vulnerability in Positron Tra7005 Firmware 1.20
Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass exploit that could allow an attacker to have unauthorized access to protected areas of the application.
network
low complexity
positron CWE-306
critical
9.8
2024-07-21 CVE-2024-38437 Missing Authentication for Critical Function vulnerability in Dlink Dsl-225 Firmware Bz1.00.16
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel
network
low complexity
dlink CWE-306
critical
9.8
2024-07-10 CVE-2024-5910 Missing Authentication for Critical Function vulnerability in Paloaltonetworks Expedition
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment.
network
low complexity
paloaltonetworks CWE-306
critical
9.8