Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-24 | CVE-2020-10272 | Missing Authentication for Critical Function vulnerability in multiple products MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. network low complexity aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots CWE-306 critical | 9.8 |
| 2020-06-23 | CVE-2020-9480 | Missing Authentication for Critical Function vulnerability in multiple products In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. | 9.8 |
| 2020-06-15 | CVE-2020-11969 | Missing Authentication for Critical Function vulnerability in Apache Tomee If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. | 9.8 |
| 2020-06-15 | CVE-2020-13150 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2750U Firmware Me1.03 D-link DSL-2750U ISL2750UEME3.V1E devices allow approximately 90 seconds of access to the control panel, after a restart, before MAC address filtering rules become active. | 7.8 |
| 2020-06-15 | CVE-2020-1813 | Missing Authentication for Critical Function vulnerability in Huawei P30 Firmware HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. | 6.8 |
| 2020-06-15 | CVE-2020-4471 | Missing Authentication for Critical Function vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. | 6.5 |
| 2020-06-12 | CVE-2020-14048 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Servicedesk Plus Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers to change the installation status of deployed agents. | 7.5 |
| 2020-06-10 | CVE-2020-7589 | Missing Authentication for Critical Function vulnerability in Siemens Logo! 8 BM Firmware A vulnerability has been identified in LOGO! 8 BM (incl. | 9.1 |
| 2020-06-10 | CVE-2020-6263 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Application Server Java Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that require user identity leading to Authentication Bypass. | 9.8 |
| 2020-06-09 | CVE-2020-12004 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Gateway The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information. | 7.5 |