Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2018-09-20 CVE-2018-14796 Missing Authentication for Critical Function vulnerability in Tec4Data Smartcooler Firmware
Tec4Data SmartCooler, all versions prior to firmware 180806, the device responds to a remote unauthenticated reboot command that may be used to perform a denial of service attack.
network
low complexity
tec4data CWE-306
7.5
2018-09-07 CVE-2018-1757 Missing Authentication for Critical Function vulnerability in IBM Security Identity Governance and Intelligence 5.2.3.2/5.2.4
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application.
network
low complexity
ibm CWE-306
5.3
2018-08-24 CVE-2017-12575 Missing Authentication for Critical Function vulnerability in Aterm Wg2600Hp2 Firmware 1.0.2
An issue was discovered on the NEC Aterm WG2600HP2 1.0.2.
network
low complexity
aterm CWE-306
7.5
2018-08-15 CVE-2018-11247 Missing Authentication for Critical Function vulnerability in Nasdaq Bwise 5.0
The JMX/RMI interface in Nasdaq BWise 5.0 does not require authentication for an SAP BO Component, which allows remote attackers to execute arbitrary code via a session on port 81.
network
low complexity
nasdaq CWE-306
critical
9.8
2018-07-24 CVE-2017-3217 Missing Authentication for Critical Function vulnerability in Calamp products
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller.
network
high complexity
calamp CWE-306
8.1
2018-07-18 CVE-2018-0377 Missing Authentication for Critical Function vulnerability in Cisco Mobility Services Engine and Policy Suite
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface.
network
low complexity
cisco CWE-306
critical
9.8
2018-07-18 CVE-2018-0376 Missing Authentication for Critical Function vulnerability in Cisco Mobility Services Engine and Policy Suite
A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface.
network
low complexity
cisco CWE-306
critical
9.8
2018-07-18 CVE-2018-0374 Missing Authentication for Critical Function vulnerability in Cisco Mobility Services Engine 14.0.0
A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database.
network
low complexity
cisco CWE-306
critical
9.8
2018-07-13 CVE-2016-9496 Missing Authentication for Critical Function vulnerability in Hughes products
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication.
low complexity
hughes CWE-306
6.5
2018-07-11 CVE-2018-10635 Missing Authentication for Critical Function vulnerability in Universal-Robots Cb3.1 Firmware 3.4.5100
In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code.
network
low complexity
universal-robots CWE-306
critical
9.8