Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-28 | CVE-2023-38028 | Missing Authentication for Critical Function vulnerability in Saho Adm-100 Firmware and Adm-100Fp Firmware Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. | 9.1 |
| 2023-08-25 | CVE-2023-40585 | Missing Authentication for Critical Function vulnerability in Metal3 Ironic-Image ironic-image is a container image to run OpenStack Ironic as part of Metal³. | 7.5 |
| 2023-08-23 | CVE-2023-38422 | Missing Authentication for Critical Function vulnerability in Walchem Intuition 9 Firmware Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. | 7.5 |
| 2023-08-15 | CVE-2023-4334 | Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller Web server (nginx) is serving private files without any authentication | 7.5 |
| 2023-08-15 | CVE-2023-4335 | Missing Authentication for Critical Function vulnerability in Broadcom Raid Controller web Interface 51.12.02779 Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux | 7.5 |
| 2023-08-08 | CVE-2023-37373 | Missing Authentication for Critical Function vulnerability in Siemens Ruggedcom Crossbow 5.2/5.3 A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). | 7.5 |
| 2023-07-20 | CVE-2023-38523 | Missing Authentication for Critical Function vulnerability in Samsung products The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. | 5.3 |
| 2023-07-18 | CVE-2023-36669 | Missing Authentication for Critical Function vulnerability in Kratosdefense NGC Indoor Unit Firmware Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. | 9.8 |
| 2023-07-17 | CVE-2023-37265 | Missing Authentication for Critical Function vulnerability in Icewhale Casaos CasaOS is an open-source Personal Cloud system. | 9.8 |
| 2023-07-11 | CVE-2023-35872 | Missing Authentication for Critical Function vulnerability in SAP Netweaver Process Integration 7.50 The Message Display Tool (MDT) of SAP NetWeaver Process Integration - version SAP_XIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. | 6.5 |