CVE ID | CVSS | Vendor | Exploit | Patch | Trends |
---|---|---|---|---|---|
CVE-2022-23220USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo. | CVSS 7.8 | Exploit | Patched | ||
CVE-2022-22809A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior) | CVSS 5.3 | Schneider-electric, et al | - | Patched | |
CVE-2022-22652The GSMA authentication panel could be presented on the lock screen. The issue was resolved by requiring device unlock to interact with the GSMA authentication panel. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access may be able to view and modify the carrier account information and settings from the lock screen. | CVSS 6.1 | Apple | - | Patched | |
CVE-2022-22576An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). | CVSS 8.1 | Debian, et al | Exploit | Patched | |
CVE-2022-22526In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API. | CVSS 9.8 | Gavazziautomation | - | - | |
CVE-2022-2242The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default). | CVSS 9.8 | Kuka | - | Patched | |
CVE-2022-22309The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095. | CVSS 6.8 | Ibm | - | Patched | |
CVE-2022-21952A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.
| CVSS 7.5 | Suse | Exploit | - | |
CVE-2022-21816NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service. | CVSS 5.5 | Nvidia | - | Patched | |
CVE-2022-21691OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions chat participants can spoof their channel leave message, tricking others into assuming they left the chatroom. | CVSS 4.3 | Onionshare | - | - | |
CVE-2022-21587Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | CVSS 9.8 | Oracle | Exploit | Patched | |
CVE-2022-2141SMS-based GPS commands can be executed by MiCODUS MV720 GPS tracker without authentication. | CVSS 9.8 | Micodus | - | - | |
CVE-2022-2138The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. | CVSS 7.5 | Advantech | Exploit | - | |
CVE-2022-20861Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory. | CVSS 8.8 | Cisco | - | Patched | |
CVE-2022-20858Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory. | CVSS 9.8 | Cisco | - | Patched | |
CVE-2022-20857Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory. | CVSS 9.8 | Cisco | - | Patched | |
CVE-2022-20830A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses. | CVSS 5.3 | Cisco | - | Patched | |
CVE-2022-20060In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462. | CVSS 6.6 | - | Patched | ||
CVE-2022-1598The WPQA Builder WordPress plugin before 5.5 which is a companion to the Discy and Himer , lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site. | CVSS 5.3 | 2code | Exploit | - | |
CVE-2022-1521LRM does not implement authentication or authorization by default. A malicious actor can inject, replay, modify, and/or intercept sensitive data. | CVSS 9.1 | Illumina | - | - | |
CVE-2022-1388On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | CVSS 9.8 | F5 | Exploit | Patched | |
CVE-2022-1368The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-306: Missing Authentication for Critical Function, which allows unauthorized users to change the operator account password via webserver commands by monitoring web socket communications from an unauthenticated session. This could allow an attacker to escalate privileges to match those of the compromised account. | CVSS 9.8 | Cognex | - | - | |
CVE-2022-1300Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service. | CVSS 9.8 | Trumpf | - | - | |
CVE-2022-1248A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAP_Information_System/controllers/add_admin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploit details were disclosed. | CVSS 7.3 | Sap information system project | Exploit | - | |
CVE-2022-0993The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects versions up to, and including, 1.2.5. | CVSS 9.8 | Siteground | Exploit | Patched | |
CVE-2022-0992The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on initial 2FA set-up that allows unauthenticated and unauthorized users to configure 2FA for pending accounts. Upon successful configuration, the attacker is logged in as that user without access to a username/password pair which is the expected first form of authentication. This affects versions up to, and including, 1.2.5. | CVSS 9.8 | Siteground | Exploit | Patched | |
CVE-2022-0922The software does not perform any authentication for critical system functionality. | CVSS 6.5 | Philips | - | - | |
CVE-2022-0878Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards. | CVSS 6.5 | Combined charging system project | Exploit | - | |
CVE-2022-0424The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users | CVSS 5.3 | Supsystic | Exploit | - | |
CVE-2022-0188The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout. | CVSS 5.3 | Niteothemes | Exploit | Patched | |
CVE-2022-0140The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint. | CVSS 5.3 | Vfbpro | Exploit | - | |
CVE-2021-46852The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | CVSS 7.5 | Huawei | - | Patched | |
CVE-2021-46384https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${"freemarker.template.utility.Execute"?new()("calc")}. ¶¶ MCMS has a pre-auth RCE vulnerability through which allows unauthenticated attacker with network access via http to compromise MCMS. Successful attacks of this vulnerability can result in takeover of MCMS. | CVSS 9.8 | Mingsoft | Exploit | - | |
CVE-2021-46371antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information. | CVSS 7.5 | Antd-admin project | Exploit | - | |
CVE-2021-46009In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies. | CVSS 9.8 | Totolink | Exploit | Patched | |
CVE-2021-46006In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication. | CVSS 6.5 | Totolink | Exploit | Patched | |
CVE-2021-45878Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify information. | CVSS 9.1 | Garo | - | - | |
CVE-2021-45420** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced. | CVSS 9.8 | Emerson | Exploit | Patched | |
CVE-2021-45232In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication. | CVSS 9.8 | Apache | Exploit | Patched | |
CVE-2021-44262A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information for the device. | CVSS 7.5 | Netgear | Exploit | Patched | |
CVE-2021-44261A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes firmware version information for the device. | CVSS 5.3 | Netgear | Exploit | Patched | |
CVE-2021-44260A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router. | CVSS 7.5 | Wavlink | Exploit | - | |
CVE-2021-44259A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When an unauthorized user accesses this page directly, it connects to this device as a friend of the device owner. | CVSS 9.8 | Wavlink | Exploit | - | |
CVE-2021-44255Authenticated remote code execution in MotionEye <= 0.42.1 and MotioneEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which will execute arbitrary code on the server. | CVSS 7.2 | Motioneye project | Exploit | - | |
CVE-2021-44222A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system. | CVSS 9.1 | Siemens | - | Patched | |
CVE-2021-44152An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not verify authentication or authorization, an unauthenticated user can change the password of any existing user. This allows an attacker to change the password of any known user, thereby preventing valid users from accessing the system and granting the attacker full access to that user's account. | CVSS 9.8 | Reprisesoftware | Exploit | Patched | |
CVE-2021-44077Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration. | CVSS 9.8 | Zohocorp | Exploit | Patched | |
CVE-2021-43974An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register end users anonymously, but does not respect the server-side setting that determines if anonymous users are allowed to register new accounts. Configuring the server-side setting to disable anonymous user registration only hides the client-side registration form. An attacker can still post registration data to create new accounts without prior authentication. | CVSS 5.3 | Sysaid | Exploit | Patched | |
CVE-2021-43832Spinnaker is an open source, multi-cloud continuous delivery platform. Spinnaker has improper permissions allowing pipeline creation & execution. This lets an arbitrary user with access to the gate endpoint to create a pipeline and execute it without authentication. If users haven't setup Role-based access control (RBAC) with-in spinnaker, this enables remote execution and access to deploy almost any resources on any account. Patches are available on the latest releases of the supported branches and users are advised to upgrade as soon as possible. Users unable to upgrade should enable RBAC on ALL accounts and applications. This mitigates the ability of a pipeline to affect any accounts. Block application access unless permission are enabled. Users should make sure ALL application creation is restricted via appropriate wildcards. | CVSS 9.8 | Linuxfoundation | - | - | |
CVE-2021-43483An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication. | CVSS 8 | Claro | Exploit | - | |
CVE-2021-43333The Datalogic DXU service on (for example) DL-Axist devices does not require authentication for configuration changes or disclosure of configuration settings. | CVSS 6.5 | Datalogic | - | - | |
CVE-2021-42893In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization through getSysStatusCfg. | CVSS 7.5 | Totolink | Exploit | - | |
CVE-2021-42891In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization. | CVSS 7.5 | Totolink | Exploit | - | |
CVE-2021-42889In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization. | CVSS 7.5 | Totolink | Exploit | - | |
CVE-2021-42783Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions. | CVSS 9.8 | Dlink | - | Patched | |
CVE-2021-42539The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change. | CVSS 8.8 | Emerson | - | Patched | |
CVE-2021-41976Tad Uploader edit book list function is vulnerable to authorization bypass, thus remote attackers can use the function to amend the folder names in the book list without logging in. | CVSS 5.3 | Tad uploader project | - | - | |
CVE-2021-41975TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in. | CVSS 9.1 | Tadtools project | - | - | |
CVE-2021-41974Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission. | CVSS 9.1 | Tad book3 project | - | - | |
CVE-2021-41568Tad Web is vulnerable to authorization bypass, thus remote attackers can exploit the vulnerability to use the original function of viewing bulletin boards and uploading files in the system. | CVSS 6.5 | Tad web project | - | - | |
CVE-2021-41418AriaNg v0.1.0~v1.2.2 is affected by an incorrect access control vulnerability through not authenticating visitors' access rights. | CVSS 9.8 | Exploit | - | ||
CVE-2021-41266Minio console is a graphical user interface for the for MinIO operator. Minio itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. All users on release v0.12.2 and before are affected and are advised to update to 0.12.3 or newer. Users unable to upgrade should add automountServiceAccountToken: false to the operator-console deployment in Kubernetes so no service account token will get mounted inside the pod, then disable the external identity provider authentication by unset the CONSOLE_IDP_URL, CONSOLE_IDP_CLIENT_ID, CONSOLE_IDP_SECRET and CONSOLE_IDP_CALLBACK environment variable and instead use the Kubernetes service account token. | CVSS 9.8 | Min | Exploit | Patched | |
CVE-2021-41157FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. By default, SIP requests of the type SUBSCRIBE are not authenticated in the affected versions of FreeSWITCH. Abuse of this security issue allows attackers to subscribe to user agent event notifications without the need to authenticate. This abuse poses privacy concerns and might lead to social engineering or similar attacks. For example, attackers may be able to monitor the status of target SIP extensions. Although this issue was fixed in version v1.10.6, installations upgraded to the fixed version of FreeSWITCH from an older version, may still be vulnerable if the configuration is not updated accordingly. Software upgrades do not update the configuration by default. SIP SUBSCRIBE messages should be authenticated by default so that FreeSWITCH administrators do not need to explicitly set the `auth-subscriptions` parameter. When following such a recommendation, a new parameter can be introduced to explicitly disable authentication. | CVSS 5.3 | Freeswitch | Exploit | Patched | |
CVE-2021-41104ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which `web_server` allows over-the-air (OTA) updates without checking user defined basic auth username & password. This issue is patched in version 2021.9.2. As a workaround, one may disable or remove `web_server`. | CVSS 7.5 | Esphome | - | Patched | |
CVE-2021-39879Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication | CVSS 3.5 | Gitlab | - | Patched | |
CVE-2021-39233In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client. | CVSS 9.1 | Apache | - | Patched | |
CVE-2021-39144XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. | CVSS 8.5 | Oracle, et al | Exploit | Patched | |
CVE-2021-38540The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. This allowed unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution. This issue affects Apache Airflow >=2.0.0, <2.1.3. | CVSS 9.8 | Apache | Exploit | Patched | |
CVE-2021-38457The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication. | CVSS 9.8 | Auvesy | - | Patched | |
CVE-2021-38412Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control in. | CVSS 9.8 | Digi | - | - | |
CVE-2021-38283Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application log files containing sensitive information via a predictable /log URI. | CVSS 7.5 | Wipro | Exploit | - | |
CVE-2021-3825On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations via an unsecured API. An attacker with an access to the configurations API could get valid LDAP credentials.
| CVSS 9.6 | Pardus | Exploit | - | |
CVE-2021-38147Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to download arbitrary files, such as reports containing sensitive information, because authentication is not required for API access to processexecution/DownloadExcelFile/Domain_Credential_Report_Excel, processexecution/DownloadExcelFile/User_Report_Excel, processexecution/DownloadExcelFile/Process_Report_Excel, processexecution/DownloadExcelFile/Infrastructure_Report_Excel, or processexecution/DownloadExcelFile/Resolver_Report_Excel. | CVSS 7.5 | Wipro | Exploit | - | |
CVE-2021-37843The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user account when only the username is known (i.e., no other authentication is provided). The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; for Bitbucket 2.5.9, 3.6.6, 4.0.12, 5.0.5; for Bamboo 2.5.9, 3.6.6, 4.0.12, 5.0.5; and for Fisheye 2.5.9. | CVSS 9.8 | Atlassian | - | - | |
CVE-2021-37697tmerc-cogs are a collection of open source plugins for the Red Discord bot. A vulnerability has been found in the code that allows any user to access sensitive information by crafting a specific membership event message. Issue is patched in commit d63c49b4cfc30c795336e4fff08cba3795e0fcc0. As a workaround users may unload the Welcome cog. | CVSS 6.5 | Tmerc-cogs project | - | Patched | |
CVE-2021-37696tmerc-cogs are a collection of open source plugins for the Red Discord bot. A vulnerability has been found in the code that allows any user to access sensitive information by crafting a specific MassDM message. Issue is patched in commit 92325be650a6c17940cc52611797533ed95dbbe1. All users are advised to update to the current commit. As a workaround users may unload the MassDM cog or globally disable the `[p]massdm` command. | CVSS 6.5 | Tmerc-cogs project | - | Patched | |
CVE-2021-37624FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing. By default, SIP requests of the type MESSAGE (RFC 3428) are not authenticated in the affected versions of FreeSWITCH. MESSAGE requests are relayed to SIP user agents registered with the FreeSWITCH server without requiring any authentication. Although this behaviour can be changed by setting the `auth-messages` parameter to `true`, it is not the default setting. Abuse of this security issue allows attackers to send SIP MESSAGE messages to any SIP user agent that is registered with the server without requiring authentication. Additionally, since no authentication is required, chat messages can be spoofed to appear to come from trusted entities. Therefore, abuse can lead to spam and enable social engineering, phishing and similar attacks. This issue is patched in version 1.10.7. Maintainers recommend that this SIP message type is authenticated by default so that FreeSWITCH administrators do not need to be explicitly set the `auth-messages` parameter. When following such a recommendation, a new parameter can be introduced to explicitly disable authentication. | CVSS 7.5 | Freeswitch | Exploit | - | |
CVE-2021-37420Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoofing. | CVSS 6.5 | Zohocorp | Exploit | Patched | |
CVE-2021-37415Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication. | CVSS 9.8 | Zohocorp | - | Patched | |
CVE-2021-36888Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate (versions <= 9.6.1) WordPress plugin. | CVSS 9.8 | Blocksera | - | Patched | |
CVE-2021-36780A Missing Authentication for Critical Function vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3v. | CVSS 8.1 | Linuxfoundation | - | Patched | |
CVE-2021-36779A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3. | CVSS 9.6 | Linuxfoundation | - | Patched | |
CVE-2021-36200Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users. | CVSS 5.3 | Johnsoncontrols | - | Patched | |
CVE-2021-36124An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the ability for unauthenticated users to access pages that are vulnerable to attacks such as SQL injection. | CVSS 9.8 | Echobh | - | - | |
CVE-2021-35979An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication. | CVSS 8.1 | Digi | - | - | |
CVE-2021-35941Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472. | CVSS 7.5 | Westerndigital | Exploit | Patched | |
CVE-2021-35936If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specific port and also binds on 0.0.0.0 by default. This logging server had no authentication and allows reading log files of DAG jobs. This issue affects Apache Airflow < 2.1.2. | CVSS 5.3 | Apache | - | Patched | |
CVE-2021-3589An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | CVSS 8 | Theforeman, et al | - | Patched | |
CVE-2021-35587Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | CVSS 9.8 | Oracle | Exploit | Patched | |
CVE-2021-34983NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708. | CVSS Low | Netgear | - | - | |
CVE-2021-34870This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue results from a lack of authentication required for a privileged request. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13325. | CVSS 6.5 | Netgear | Exploit | Patched | |
CVE-2021-34621A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress WordPress plugin made it possible for users to register on sites as an administrator. This issue affects versions 3.0.0 - 3.1.3. | CVSS 9.8 | Properfraction | Exploit | - | |
CVE-2021-34543The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. | CVSS 7.5 | Bkw | Exploit | Patched | |
CVE-2021-34538Apache Hive before 3.1.3 "CREATE" and "DROP" function operations do not check for the necessary authorization of the entities involved in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged users to drop and recreate UDFs, pointing them to new jars that could potentially be malicious. | CVSS 7.5 | Apache | - | Patched | |
CVE-2021-33882A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to reconfigure the device from an unknown source because of lack of authentication on proprietary networking commands. | CVSS 8.6 | Bbraun | - | - | |
CVE-2021-33843Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings. | CVSS 5.3 | Fresenius-kabi | - | - | |
CVE-2021-33658In atune before 0.3-0.8, a local user can log in and run the curl command against the local atune URL interface to escalate local privileges or modify any file. Authentication is not forcibly enabled in the default configuration. | CVSS 7.8 | Huawei | - | Patched | |
CVE-2021-33543Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service. | CVSS 9.8 | Geutebrueck | Exploit | - | |
CVE-2021-33346There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. An attacker can use this vulnerability to modify the password of the admin user without authorization. | CVSS 9.8 | Dlink | Exploit | Patched | |
CVE-2021-33259Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing attackers to obtain users' DNS query history. | CVSS 5.3 | Dlink | Exploit | - | |