Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2020-03-13 CVE-2019-19799 Missing Authentication for Critical Function vulnerability in Zohocorp ManageEngine Applications Manager
Zoho ManageEngine Applications Manager before 14600 allows a remote unauthenticated attacker to disclose license-related information via the WieldFeedServlet servlet.
network
low complexity
zohocorp CWE-306
5.3
2020-03-10 CVE-2020-6207 Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20
SAP Solution Manager (User Experience Monitoring), version 7.2, does not perform any authentication for a service due to a missing authentication check, resulting in complete compromise of all SMDAgents connected to the Solution Manager.
network
low complexity
sap CWE-306
critical
9.8
2020-03-10 CVE-2020-0052 Missing Authentication for Critical Function vulnerability in Google Android 10.0
In smsSelected of AnswerFragment.java, there is a way to send an SMS from the lock screen due to a permissions bypass.
low complexity
google CWE-306
4.3
2020-03-06 CVE-2020-5328 Missing Authentication for Critical Function vulnerability in Dell EMC Isilon OneFS
Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required.
network
low complexity
dell CWE-306
critical
9.8
2020-03-05 CVE-2020-9544 Missing Authentication for Critical Function vulnerability in D-Link DSL-2640B Firmware E1Eu1.01
An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices.
network
low complexity
d-link CWE-306
7.5
2020-03-04 CVE-2019-19226 Missing Authentication for Critical Function vulnerability in D-Link DSL-2680 Firmware 1.03
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POST request without being authenticated on the admin interface.
network
low complexity
dlink CWE-306
7.5
2020-03-04 CVE-2019-19225 Missing Authentication for Critical Function vulnerability in D-Link DSL-2680 Firmware 1.03
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a crafted Forms/dns_1 POST request.
network
low complexity
dlink CWE-306
7.5
2020-03-04 CVE-2019-19224 Missing Authentication for Critical Function vulnerability in D-Link DSL-2680 Firmware 1.03
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a rom-0 GET request without being authenticated on the admin interface.
network
low complexity
dlink CWE-306
7.5
2020-02-25 CVE-2015-5201 Missing Authentication for Critical Function vulnerability in Red Hat products
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0, as packaged in Red Hat Enterprise Virtualization before 3.5.6, when VDSM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.
network
low complexity
redhat CWE-306
7.5
2020-02-21 CVE-2020-9330 Missing Authentication for Critical Function vulnerability in Xerox products
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address.
network
low complexity
xerox CWE-306
8.8