Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-06	CVE-2019-17219	Missing Authentication for Critical Function vulnerability in Vzug Combi-Stream Mslq Firmware Ethernetr07 An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. low complexity vzug CWE-306	8.8
2019-10-01	CVE-2019-8292	Missing Authentication for Critical Function vulnerability in Online Store System Project Online Store System 1.0 Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion. network low complexity online-store-system-project CWE-306	5.3
2019-10-01	CVE-2019-15940	Missing Authentication for Critical Function vulnerability in Govicture Pc530 Firmware 3.13.70 Victure PC530 devices allow unauthenticated TELNET access as root. network low complexity govicture CWE-306 critical	9.8
2019-09-26	CVE-2019-13523	Missing Authentication for Critical Function vulnerability in Honeywell products In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. network low complexity honeywell CWE-306	5.3
2019-09-25	CVE-2019-15068	Missing Authentication for Critical Function vulnerability in Gigastone Smart Battery A4 Firmware R1.7.9 A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 allows an attacker to get/reset administrator’s password without any authentication. network low complexity gigastone CWE-306 critical	9.8
2019-09-24	CVE-2019-5504	Missing Authentication for Critical Function vulnerability in Netapp Ontap Select Deploy Administration Utility 2.12/2.12.1 ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions. network low complexity netapp CWE-306 critical	9.8
2019-09-18	CVE-2019-14253	Missing Authentication for Critical Function vulnerability in Publisure 2.1.2 An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. network low complexity publisure CWE-306	6.5
2019-09-17	CVE-2019-16199	Missing Authentication for Critical Function vulnerability in Eq-3 Homematic Ccu2 Firmware and Homematic Ccu3 Firmware eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process. network low complexity eq-3 CWE-306 critical	9.8
2019-09-11	CVE-2019-8449	Missing Authentication for Critical Function vulnerability in Atlassian Jira The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability. network low complexity atlassian CWE-306	5.3
2019-09-10	CVE-2019-11496	Missing Authentication for Critical Function vulnerability in Couchbase Server In versions of Couchbase Server prior to 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. network low complexity couchbase CWE-306 critical	9.1