Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-22 | CVE-2018-13114 | Missing Authentication for Critical Function vulnerability in Keruigroup Ypc99 Firmware Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command. | 7.5 |
2018-10-11 | CVE-2018-1745 | Missing Authentication for Critical Function vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthenticated user to restart the SKLM server due to missing authentication. | 7.8 |
2018-10-10 | CVE-2018-16758 | Missing Authentication for Critical Function vulnerability in multiple products Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets. | 5.9 |
2018-10-03 | CVE-2018-17880 | Missing Authentication for Critical Function vulnerability in D-Link Dir-823G Firmware On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands without authentication to trigger a reboot. | 7.5 |
2018-09-28 | CVE-2018-5393 | Missing Authentication for Critical Function vulnerability in Tp-Link EAP Controller The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. | 10.0 |
2018-09-20 | CVE-2018-14796 | Missing Authentication for Critical Function vulnerability in Tec4Data Smartcooler Firmware Tec4Data SmartCooler, all versions prior to firmware 180806, the device responds to a remote unauthenticated reboot command that may be used to perform a denial of service attack. | 7.8 |
2018-09-07 | CVE-2018-1757 | Missing Authentication for Critical Function vulnerability in IBM Security Identity Governance and Intelligence 5.2.3.2/5.2.4 IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. | 5.0 |
2018-08-24 | CVE-2017-12575 | Missing Authentication for Critical Function vulnerability in Aterm Wg2600Hp2 Firmware 1.0.2 An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. | 5.0 |
2018-08-15 | CVE-2018-11247 | Missing Authentication for Critical Function vulnerability in Nasdaq Bwise 5.0 The JMX/RMI interface in Nasdaq BWise 5.0 does not require authentication for an SAP BO Component, which allows remote attackers to execute arbitrary code via a session on port 81. | 7.5 |
2018-07-26 | CVE-2017-2637 | Missing Authentication for Critical Function vulnerability in Redhat Openstack A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. | 10.0 |