Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-28 | CVE-2023-29061 | Missing Authentication for Critical Function vulnerability in BD Facschorus There is no BIOS password on the FACSChorus workstation. | 5.2 |
2023-11-28 | CVE-2023-29063 | Missing Authentication for Critical Function vulnerability in BD Facschorus The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. | 2.4 |
2023-11-28 | CVE-2023-29060 | Missing Authentication for Critical Function vulnerability in BD Facschorus The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. | 5.7 |
2023-11-22 | CVE-2023-3104 | Missing Authentication for Critical Function vulnerability in Unitree A1 Firmware Lack of authentication vulnerability. | 7.5 |
2023-11-21 | CVE-2023-42770 | Missing Authentication for Critical Function vulnerability in Redlioncontrols products Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. | 9.8 |
2023-11-16 | CVE-2023-47674 | Missing Authentication for Critical Function vulnerability in C-First products Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. | 9.8 |
2023-11-14 | CVE-2023-34060 | Missing Authentication for Critical Function vulnerability in VMWare Cloud Director 10.4.0 VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . | 9.8 |
2023-11-04 | CVE-2023-46381 | Missing Authentication for Critical Function vulnerability in Loytec products LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. | 8.2 |
2023-11-03 | CVE-2022-43554 | Missing Authentication for Critical Function vulnerability in Ivanti Avalanche Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability | 7.8 |
2023-11-03 | CVE-2022-43555 | Missing Authentication for Critical Function vulnerability in Ivanti Avalanche Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability | 7.8 |