Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-28 | CVE-2019-9935 | Missing Authentication for Critical Function vulnerability in Lexmark products Various Lexmark products have Incorrect Access Control (issue 2 of 2). | 5.3 |
| 2019-08-28 | CVE-2019-9934 | Missing Authentication for Critical Function vulnerability in Lexmark products Various Lexmark products have Incorrect Access Control (issue 1 of 2). | 5.3 |
| 2019-08-26 | CVE-2019-15506 | Missing Authentication for Critical Function vulnerability in Kaseya Virtual System Administrator An issue was discovered in Kaseya Virtual System Administrator (VSA) through 9.4.0.37. | 7.5 |
| 2019-08-22 | CVE-2019-14511 | Missing Authentication for Critical Function vulnerability in Sphinxsearch Sphinx 3.1.1 Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only). | 7.5 |
| 2019-08-21 | CVE-2019-12634 | Missing Authentication for Critical Function vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2019-08-18 | CVE-2019-15129 | Missing Authentication for Critical Function vulnerability in Humanica Humatrix 7 1.0.0.203/1.0.0.681 The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to access all candidates' files in the photo folder on the website by specifying a "user id" parameter and file name, such as in a recruitment_online/upload/user/[user_id]/photo/[file_name] URI. | 5.3 |
| 2019-08-16 | CVE-2019-15106 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Opmanager An issue was discovered in Zoho ManageEngine OpManager in builds before 14310. | 9.8 |
| 2019-08-14 | CVE-2019-9585 | Missing Authentication for Critical Function vulnerability in Eq-3 Homematic Ccu2 Firmware and Homematic Ccu3 Firmware eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access Control for Interface.***Metadata related operations, resulting in the ability to read, set and deletion of Metadata. | 9.8 |
| 2019-08-13 | CVE-2019-14984 | Missing Authentication for Critical Function vulnerability in Eq-3 Homematic Ccu2 Firmware and Homematic Ccu3 Firmware eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMD_EXEC to execute TCL code from a POST request. | 8.1 |
| 2019-08-08 | CVE-2019-13101 | Missing Authentication for Critical Function vulnerability in Dlink Dir-600M Firmware An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. | 9.8 |