Vulnerabilities (CVE)

Filtered by CWE-306
Total 1496 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-21306 1 Microsoft 7 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 4 more 2024-11-21 N/A 5.7 MEDIUM
Microsoft Bluetooth Driver Spoofing Vulnerability
CVE-2024-20391 2024-11-21 N/A 6.8 MEDIUM
A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM. This vulnerability is due to a lack of authentication on a specific function. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges on an affected device.
CVE-2024-1491 2024-11-21 N/A 7.5 HIGH
The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial flash, or internal flash program memory. This file system serves as the basis for the HTTP2 web server module, but is also used by the SNMP module and is available to other applications that require basic read-only storage capabilities. This can be exploited to overwrite the flash program memory that holds the web server's main interfaces and execute arbitrary code.
CVE-2024-0949 2024-11-21 N/A 9.8 CRITICAL
Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows Exploiting Incorrectly Configured Access Control Security Levels, Manipulating Web Input to File System Calls, Embedding Scripts within Scripts, Malicious Logic Insertion, Modification of Windows Service Configuration, Malicious Root Certificate, Intent Spoof, WebView Exposure, Data Injected During Configuration, Incomplete Data Deletion in a Multi-Tenant Environment, Install New Service, Modify Existing Service, Install Rootkit, Replace File Extension Handlers, Replace Trusted Executable, Modify Shared File, Add Malicious File to Shared Webroot, Run Software at Logon, Disable Security Software.This issue affects Elektraweb: before v17.0.68.
CVE-2023-6949 2024-11-21 N/A 5.2 MEDIUM
A Missing Authentication for Critical Function issue affecting the HTTP service running on the DJI Mavic Mini 3 Pro on the standard port 80 could allow an attacker to enumerate and download videos and pictures saved on the drone internal or external memory without requiring any kind of authentication.
CVE-2023-6718 1 Europeana 1 Repox 2024-11-21 N/A 9.4 CRITICAL
An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users.
CVE-2023-6595 1 Progress 1 Whatsup Gold 2024-11-21 N/A 7.5 HIGH
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential information stored within WhatsUp Gold.
CVE-2023-6368 1 Progress 1 Whatsup Gold 2024-11-21 N/A 5.9 MEDIUM
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate information related to a registered device being monitored by WhatsUp Gold.
CVE-2023-6221 1 Machinesense 2 Feverwarn, Feverwarn Firmware 2024-11-21 N/A 7.7 HIGH
The cloud provider MachineSense uses for integration and deployment for multiple MachineSense devices, such as the programmable logic controller (PLC), PumpSense, PowerAnalyzer, FeverWarn, and others is insufficiently protected against unauthorized access. An attacker with access to the internal procedures could view source code, secret credentials, and more.
CVE-2023-5935 2024-11-21 N/A 7.4 HIGH
When configuring Arc (e.g. during the first setup), a local web interface is provided to ease the configuration process. Such web interface lacks authentication and may thus be abused by a local attacker or malware running on the machine itself. A malicious local user or process, during a window of opportunity when the local web interface is active, may be able to extract sensitive information or change Arc's configuration. This could also lead to arbitrary code execution if a malicious update package is installed.
CVE-2023-5881 1 Geniecompany 2 Aladdin Connect Garage Door Opener, Aladdin Connect Garage Door Opener Firmware 2024-11-21 N/A 8.2 HIGH
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID settings.
CVE-2023-5716 1 Asus 1 Armoury Crate 2024-11-21 N/A 9.8 CRITICAL
ASUS Armoury Crate has a vulnerability in arbitrary file write and allows remote attackers to access or modify arbitrary files by sending specific HTTP requests without permission.
CVE-2023-5253 1 Nozominetworks 2 Cmc, Guardian 2024-11-21 N/A 5.3 MEDIUM
A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information.
CVE-2023-51587 2024-11-21 N/A 7.5 HIGH
Voltronic Power ViewPower getModbusPassword Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getModbusPassword method. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22073.
CVE-2023-50263 1 Networktocode 1 Nautobot 2024-11-21 N/A 3.7 LOW
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 1.x and 2.0.x prior to 1.6.7 and 2.0.6, the URLs `/files/get/?name=...` and `/files/download/?name=...` are used to provide admin access to files that have been uploaded as part of a run request for a Job that has FileVar inputs. Under normal operation these files are ephemeral and are deleted once the Job in question runs. In the default implementation used in Nautobot, as provided by `django-db-file-storage`, these URLs do not by default require any user authentication to access; they should instead be restricted to only users who have permissions to view Nautobot's `FileProxy` model instances. Note that no URL mechanism is provided for listing or traversal of the available file `name` values, so in practice an unauthenticated user would have to guess names to discover arbitrary files for download, but if a user knows the file name/path value, they can access it without authenticating, so we are considering this a vulnerability. Fixes are included in Nautobot 1.6.7 and Nautobot 2.0.6. No known workarounds are available other than applying the patches included in those versions.
CVE-2023-4884 1 Open5gs 1 Open5gs 2024-11-21 N/A 6.5 MEDIUM
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication.
CVE-2023-4857 2024-11-21 N/A 7.5 HIGH
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information.
CVE-2023-4815 1 Answer 1 Answer 2024-11-21 N/A 8.8 HIGH
Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3.
CVE-2023-4516 1 Schneider-electric 1 Interactive Graphical Scada System 2024-11-21 N/A 7.8 HIGH
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content.
CVE-2023-4335 2 Broadcom, Linux 2 Raid Controller Web Interface, Linux Kernel 2024-11-21 N/A 7.5 HIGH
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux