2966 matches found
IDAttend IDWeb Access Control Error Vulnerability
IDAttend IDWeb is a web-based module from IDAttend, Inc. A security vulnerability exists in IDAttend IDWeb version 3.1.052 and prior versions, which stems from a lack of authentication in the StudentPopupDetailsContactDetails method...
IDAttend IDWeb Access Control Error Vulnerability
IDAttend IDWeb is a web-based module from IDAttend, Inc. A security vulnerability exists in IDAttend IDWeb version 3.1.052 and prior versions, which stems from a lack of authentication in the SetStudentNotes method...
Schneider Electric IGSS
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : low attack complexity Vendor : Schneider Electric Equipment : IGSS Interactive Graphical SCADA System Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
The vulnerability of backup and data recovery software on computers and servers with Acronis Agent lies in the lack of authentication procedures, which allow attackers to gain unauthorized access to protected information.
The vulnerability of backup and data recovery software on computers and servers with Acronis Agent stems from the lack of authentication procedures. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
Missing Authentication For Critical Function
github.com/cilium/cilium is vulnerable to Missing Authentication. The vulnerability is due to the ValidateCNP function in validator.go which lacks checks for a policy with any malicious or incorrectly match configurations, allowing an attacker to create policies that bypass namespace restrictions...
CVE-2023-36851
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauthoperation.php that doesn't require authentication, an...
CVE-2023-36851
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauthoperation.php that doesn't require authentication, an...
The vulnerability of the libspdm library, related to the absence of an authentication procedure that allows attackers to intercept user sessions
The vulnerability of the libspdm library is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to intercept a user’s session remotely...
Atos Unify OpenScape Code Execution / Missing Authentication
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authenticated Remote Code Execution and Missing Authentication product: Atos Unify OpenScape Session Border Controller Atos Unify OpenScape Branch Atos Unify OpenScape BC...
Atos Unify OpenScape Code Execution / Missing Authentication Vulnerabilities
Atos Unify OpenScape Session Border Controller, Atos Unify OpenScape Branch, and Atos Unify OpenScape BCF suffer from remote code execution and missing authentication vulnerabilities. Atos OpenScape SBC versions before 10 R3.3.0, Branch version 10 versions before R3.3.0, and BCF version 10 versio...
CVE-2023-4516
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content...
CVE-2023-4516
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content...
Authentication flaw
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content...
CVE-2023-4516
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content...
CVE-2023-4516
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content...
CVE-2023-4516
Schneider Electric IGSS Update Service (v16.0.0.23211 and earlier) is affected by CVE-2023-4516: a CWE-306 missing authentication for a critical function vulnerability that lets a local attacker change the update source, potentially enabling remote code execution when a malicious update is applie...
CVE-2023-41367 Missing Authentication check in SAP NetWeaver (Guided Procedures)
Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver Guided Procedures - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s...
SAP CommonCryptoLib and abu security vulnerabilities
SAP CommonCryptoLib is a password library from SAP, a German company. A security vulnerability exists in SAP CommonCryptoLib that stems from not performing the required authentication checks, which could result in missing or incorrect authorization checks for authenticated users, leading to...
CVE-2023-4815
Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3...
CVE-2023-4815 Missing Authentication for Critical Function in answerdev/answer
Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3...