Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2019-10-16 CVE-2019-15282 Missing Authentication for Critical Function vulnerability in Cisco Identity Services Engine Software
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device.
network
low complexity
cisco CWE-306
5.3
2019-10-14 CVE-2019-17511 Missing Authentication for Critical Function vulnerability in Dlink Dir-412 Firmware A11.14Ww
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers.
network
low complexity
dlink CWE-306
7.5
2019-10-12 CVE-2019-17532 Missing Authentication for Critical Function vulnerability in Belkin Wemo Switch 28B Firmware Wemoww2.00.11057.Pvtowrtsns
An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices.
network
low complexity
belkin CWE-306
7.5
2019-10-11 CVE-2019-17506 Missing Authentication for Critical Function vulnerability in Dlink Dir-817Lw A1 Firmware and Dir-868L B1 Firmware
There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers.
network
low complexity
dlink CWE-306
critical
9.8
2019-10-11 CVE-2019-17505 Missing Authentication for Critical Function vulnerability in Dlink Dap-1320 A2 Firmware 1.21
D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplink_info.xml.
network
low complexity
dlink CWE-306
7.5
2019-10-10 CVE-2019-9529 Missing Authentication for Critical Function vulnerability in Cobham Explorer 710 Firmware 1.07
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default.
local
low complexity
cobham CWE-306
5.5
2019-10-09 CVE-2019-15018 Missing Authentication for Critical Function vulnerability in Zingbox Inspector 1.280
A security vulnerability exists in the Zingbox Inspector versions 1.280 and earlier, where authentication is not required when binding the Inspector instance to a different customer tenant.
network
low complexity
zingbox CWE-306
7.5
2019-10-09 CVE-2019-17354 Missing Authentication for Critical Function vulnerability in Zyxel Nbg-418N V2 Firmware 1.00(Aarp.9)C0
wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page.
network
low complexity
zyxel CWE-306
critical
9.4
2019-10-09 CVE-2019-17353 Missing Authentication for Critical Function vulnerability in Dlink Dir-615 Firmware 20.05/20.07
An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07.
network
low complexity
dlink CWE-306
8.2
2019-10-08 CVE-2019-0379 Missing Authentication for Critical Function vulnerability in SAP Process Integration 1.0/2.0
SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not perform authentication check properly when the default security provider is changed to BouncyCastle (BC), leading to Missing Authentication Check
network
low complexity
sap CWE-306
5.3