Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-31 | CVE-2019-18230 | Missing Authentication for Critical Function vulnerability in Honeywell products Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP. | 7.5 |
| 2019-10-31 | CVE-2019-13547 | Missing Authentication for Critical Function vulnerability in Advantech Wise-Paas/Rmm 3.3.29 Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. | 9.8 |
| 2019-10-31 | CVE-2019-18465 | Missing Authentication for Critical Function vulnerability in Ipswitch Moveit Transfer 11.1/11.1.1 In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow an attacker to sign in without full credentials via the SSH (SFTP) interface. | 9.8 |
| 2019-10-29 | CVE-2019-3978 | Missing Authentication for Critical Function vulnerability in Mikrotik Routeros RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. | 7.5 |
| 2019-10-25 | CVE-2019-13549 | Missing Authentication for Critical Function vulnerability in Carel Pcoweb Firmware A1.5.3/A2.0.4/B1.2.4 Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. | 7.5 |
| 2019-10-25 | CVE-2019-13525 | Missing Authentication for Critical Function vulnerability in Honeywell Ip-Ak2 Firmware In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network. | 5.3 |
| 2019-10-17 | CVE-2019-15064 | Missing Authentication for Critical Function vulnerability in Hinet Gpon Firmware HiNet GPON firmware version < I040GWR190731 allows an attacker login to device without any authentication. | 9.8 |
| 2019-10-16 | CVE-2019-17512 | Missing Authentication for Critical Function vulnerability in Dlink Dir-412 Firmware A11.14Ww There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. | 9.1 |
| 2019-10-16 | CVE-2019-15282 | Missing Authentication for Critical Function vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. | 5.3 |
| 2019-10-14 | CVE-2019-17511 | Missing Authentication for Critical Function vulnerability in Dlink Dir-412 Firmware A11.14Ww There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. | 7.5 |