Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2015-9030 Missing Authentication for Critical Function vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication.
network
google CWE-306
critical
 9.3
9.3
2017-06-09 CVE-2016-7830 Missing Authentication for Critical Function vulnerability in Sony products
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors.
low complexity
sony CWE-306
5.8
5.8
2017-04-10 CVE-2016-5053 Missing Authentication for Critical Function vulnerability in Osram Lightify Home
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000.
network
low complexity
osram CWE-306
7.5
7.5
2017-04-10 CVE-2015-2888 Missing Authentication for Critical Function vulnerability in Summerinfant Baby Zoom Wifi Monitor Firmware
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service.
network
low complexity
summerinfant CWE-306
7.5
7.5
2017-03-15 CVE-2017-3819 Missing Authentication for Critical Function vulnerability in Cisco ASR 5000 Series Software and Virtualized Packet Core
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access.
network
low complexity
cisco CWE-306
critical
 9.0
9.0
2017-03-02 CVE-2017-6409 Missing Authentication for Critical Function vulnerability in Veritas Netbackup and Netbackup Appliance
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier.
network
low complexity
veritas CWE-306
7.5
7.5
2017-02-13 CVE-2016-8355 Missing Authentication for Critical Function vulnerability in Smiths-Medical Cadd-Solis Medication Safety Software
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1.
network
low complexity
smiths-medical CWE-306
critical
 9.0
9.0
2017-02-13 CVE-2017-5162 Missing Authentication for Critical Function vulnerability in Binom3 Universal Multifunctional Electric Power Quality Meter Firmware
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter.
network
low complexity
binom3 CWE-306
critical
 10.0
10
2016-04-21 CVE-2016-2004 Missing Authentication for Critical Function vulnerability in HP Data Protector
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication.
network
hp CWE-306
critical
 9.3
9.3
2014-04-01 CVE-2014-2590 Missing Authentication for Critical Function vulnerability in Siemens Ruggedcom Rugged Operating System
The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets.
network
low complexity
siemens CWE-306
5.0
5.0