Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-22 | CVE-2019-6820 | Missing Authentication for Critical Function vulnerability in Schneider-Electric products A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco ,PacDrive Pro, PacDrive Pro2 | 6.4 |
| 2019-05-14 | CVE-2019-10919 | Missing Authentication for Critical Function vulnerability in Siemens Logo!8 BM Firmware A vulnerability has been identified in LOGO! 8 BM (incl. | 7.5 |
| 2019-05-13 | CVE-2019-9727 | Missing Authentication for Critical Function vulnerability in Eq-3 Ccu3 Firmware Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to retrieve the GUI password hashes of GUI users. | 5.0 |
| 2019-05-08 | CVE-2019-5014 | Missing Authentication for Critical Function vulnerability in Wincofireworks Fw-1007 Firmware 2.0 An exploitable improper access control vulnerability exists in the bluetooth low energy functionality of Winco Fireworks FireFly FW-1007 V2.0. | 3.3 |
| 2019-05-07 | CVE-2019-7564 | Missing Authentication for Critical Function vulnerability in Coship products An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. | 7.5 |
| 2019-04-24 | CVE-2019-8993 | Missing Authentication for Critical Function vulnerability in Tibco products The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for TIBCO Silver Fabric, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid contains a vulnerability that could theoretically allow an unauthenticated user to download a file with credentials information. | 9.8 |
| 2019-04-23 | CVE-2019-7727 | Missing Authentication for Critical Function vulnerability in Nice Engage 6.5 In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. | 7.5 |
| 2019-04-19 | CVE-2019-10886 | Missing Authentication for Critical Function vulnerability in Sony Photo Sharing Plus An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). | 4.3 |
| 2019-04-18 | CVE-2019-11321 | Missing Authentication for Critical Function vulnerability in Motorola CX2 Firmware and M2 Firmware An issue was discovered in Motorola CX2 1.01 and M2 1.01. | 5.0 |
| 2019-04-17 | CVE-2019-1654 | Missing Authentication for Critical Function vulnerability in Cisco Ap-Cos A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the underlying Linux OS. | 7.2 |