Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-17 | CVE-2019-20105 | Missing Authentication for Critical Function vulnerability in Atlassian Application Links The EditApplinkServlet resource in the Atlassian Application Links plugin before version 5.4.20, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.1, and from version 7.1.0 before version 7.1.3 allows remote attackers who have obtained access to administrator's session to access the EditApplinkServlet resource without needing to re-authenticate to pass "WebSudo" in products that support "WebSudo" through an improper access control vulnerability. | 4.9 |
| 2020-03-13 | CVE-2019-13194 | Missing Authentication for Critical Function vulnerability in Brother products Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information disclosure vulnerabilities that provided sensitive information to an unauthenticated user who visits a specific URL. | 7.5 |
| 2020-03-13 | CVE-2019-13205 | Missing Authentication for Critical Function vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701 All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users. | 7.5 |
| 2020-03-13 | CVE-2020-10079 | Missing Authentication for Critical Function vulnerability in Gitlab GitLab 7.10 through 12.8.1 has Incorrect Access Control. | 5.3 |
| 2020-03-13 | CVE-2019-19799 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Applications Manager Zoho ManageEngine Applications Manager before 14600 allows a remote unauthenticated attacker to disclose license related information via WieldFeedServlet servlet. | 5.3 |
| 2020-03-10 | CVE-2020-6207 | Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager. | 9.8 |
| 2020-03-10 | CVE-2020-0052 | Missing Authentication for Critical Function vulnerability in Google Android 10.0 In smsSelected of AnswerFragment.java, there is a way to send an SMS from the lock screen due to a permissions bypass. | 4.3 |
| 2020-03-06 | CVE-2020-5328 | Missing Authentication for Critical Function vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. | 9.8 |
| 2020-03-05 | CVE-2020-9544 | Missing Authentication for Critical Function vulnerability in D-Link Dsl-2640B Firmware E1Eu1.01 An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. | 7.5 |
| 2020-03-04 | CVE-2019-19226 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2680 Firmware 1.03 A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POST request without being authenticated on the admin interface. | 7.5 |