849 matches found
CVE-2024-7015
Missing Authentication for Critical Function vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affects PassBox: before v1.2...
CVE-2024-7015
Missing Authentication for Critical Function vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse. This issue affects PassBox: before v1.2...
DiCal-RED 4009 Missing Authentication
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-035 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Missing Authentication for Critical Function CWE-306 Risk Level: High Solution Status: Open...
GO-2023-2051 Answer Missing Authentication for Critical Function in github.com/answerdev/answer
Answer Missing Authentication for Critical Function in github.com/answerdev/answer...
The vulnerability of the Palo Alto Networks Expedition configuration migration tool, related to the lack of authentication for a critical function, allows a perpetrator to obtain administrator credentials.
The vulnerability of the Palo Alto Networks Expedition configuration migration tool is related to the absence of authentication for a critical function. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the administrator account...
CVE-2024-43272
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24...
PT-2024-30436 · Icegram · Icegram
Name of the Vulnerable Software and Affected Versions: Icegram versions n/a through 3.1.24 Description: The issue affects Icegram, allowing access to functionality not properly constrained by ACLs due to a Missing Authentication for Critical Function. Recommendations: For versions n/a through...
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of authentication for a critical function, allowing attackers to trigger a service failure.
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service interruptions...
The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS-based routers of the MX, MX-SPC3, and SRX series allows a attacker to compromise the integrity and accessibility of protected information.
The vulnerability of the Packet Forwarding Engine PFE module in Juniper Networks’ Junos OS-based routers of the MX, MX-SPC3, and SRX series is related to the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to compromise the integrity and...
The vulnerability of the Windows Update Stack component of the Microsoft Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows Update Stack component in the Microsoft Windows operating system is related to the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the corporate version of the PowerPanel Enterprise monitoring and power source management system lies in the lack of authentication for critical functions, allowing attackers to gain unauthorized access to the application.
The vulnerability of the corporate version of the PowerPanel Enterprise monitoring and power source management system is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the...
CVE-2024-33622
Missing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, sensitive information may be obtained and/or the information stored in the database may be altered by a remote authenticated attacker...
CVE-2024-34800 WordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary Plugin Installation vulnerability
Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import allows Functionality Misuse.This issue affects Crafthemes Demo Import: from n/a through 3.3...
CVE-2024-34800 WordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary plugin Installation vulnerability
Missing Authorization vulnerability in Crafthemes Crafthemes Demo Import crafthemes-demo-import allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crafthemes Demo Import: from n/a through = 3.3...
Johnson Controls Software House iStar Door Controller (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS 4 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Johnson Controls Inc. Equipment : Software House iStar Pro Door Controller, ICU Vulnerability : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this...
CVE-2024-0336
Missing Authentication for Critical Function vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDKS: from V3.04 before 20240603. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2024-36388
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function...
CVE-2024-36388 MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function...
CVE-2024-36388 MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function...
Siemens RUGGEDCOM CROSSBOW Missing Critical Function Authentication Vulnerability
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. A security vulnerability exists in Siemens RUGGEDCOM CROSSBOW due to an affected system allowing any unauthenticated client to disconnect any active user from the server. An attacker could exploit this...