CWE-306— Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.— MITRE CWE catalog
2,405 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-306page 22 of 49
- CVE-2023-25014HIGHCVSS 8.6EG 8.62023-02-02
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to delete all frontend users.
- CVE-2023-25493MEDIUMCVSS 6.7EG 6.72024-04-05
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code.
- CVE-2023-25570HIGHCVSS 7.5EG 7.52023-02-20
Apollo is a configuration management system. Prior to version 2.1.0, there are potential security issues if users expose apollo-configservice to the internet, which is not recommended. This is because there is no authentication feature ena…
- CVE-2023-25589CRITICALCVSS 9.8EG 9.82023-03-22
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to create arbitrary users on the platform. A successful exploit allows an attacker to achieve total cluster co…
- CVE-2023-25615MEDIUMCVSS 6.8EG 4.92023-03-14
Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the netwo…
- CVE-2023-25780MEDIUMCVSS 5.7EG 5.72023-06-02
It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, r…
- CVE-2023-26570HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
- CVE-2023-26571HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and earlier allows modification of student data by unauthenticated attackers.
- CVE-2023-26573HIGHCVSS 8.2EG 8.22023-10-25
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials.
- CVE-2023-26574HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
- CVE-2023-26575HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student and teacher data by unauthenticated attackers.
- CVE-2023-26576HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
- CVE-2023-26579MEDIUMCVSS 5.3EG 5.32023-10-25
Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows deletion of staff information by unauthenticated attackers.
- CVE-2023-26580HIGHCVSS 7.5EG 7.52023-10-25
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers.
- CVE-2023-2704CRITICALCVSS 9.8EG 9.82023-05-19
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This m…
- CVE-2023-27060CRITICALCVSS 9.8EG 9.82023-03-22
LightCMS v1.3.7 was discovered to contain a remote code execution (RCE) vulnerability via the image:make function.
- CVE-2023-27256MEDIUMCVSS 5.8EG 5.82023-10-25
Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers.
- CVE-2023-27257HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student information by unauthenticated attackers.
- CVE-2023-27258HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student and teacher data by unauthenticated attackers.
- CVE-2023-27259HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers.
- CVE-2023-27261MEDIUMCVSS 5.3EG 5.32023-10-25
Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3.1.052 and earlier allows deletion of data by unauthenticated attackers.
- CVE-2023-27267CRITICALCVSS 9.0EG 8.12023-04-11
Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP Diagnostics Agent - version 720, allows an attacker with deep knowledge of the system to execute scripts on all connected Diagnostics Agents. On…
- CVE-2023-27290CRITICALCVSS 9.1EG 9.12023-03-03
Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. Due to this, an attacker within the network could access the datastores w…
- CVE-2023-27357MEDIUMCVSS 6.5EG 6.52024-05-03
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is…
- CVE-2023-27375HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the StudentPopupDetails_ContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers.
- CVE-2023-27376HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the StudentPopupDetails_StudentDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers.
- CVE-2023-27377HIGHCVSS 7.5EG 7.52023-10-25
Missing authentication in the StudentPopupDetails_EmergencyContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers.
- CVE-2023-27396CRITICALCVSS 9.8EG 9.82023-06-19
FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that impl…
- CVE-2023-27497CRITICALCVSS 10.0EG 9.82023-04-11
Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. On su…
- CVE-2023-27532HIGHCVSS 7.5EG 9.0⚠ KEV2023-03-10
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
- CVE-2023-27571MEDIUMCVSS 5.3EG 5.32023-04-15
An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files.
- CVE-2023-27747HIGHCVSS 7.5EG 7.52023-04-13
BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authentication in its web server. This vulnerability allows attackers to access sensitive information such as configurations and recordings.
- CVE-2023-2781HIGHCVSS 8.1EG 8.12023-06-03
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resend…
- CVE-2023-27980HIGHCVSS 8.8EG 8.82023-03-21
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report directory, this could lead to remote code exe…
- CVE-2023-27983MEDIUMCVSS 6.5EG 5.32023-03-21
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would lead to loss of data when an attacker abu…
- CVE-2023-2827HIGHCVSS 7.9EG 7.92023-06-13
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefo…
- CVE-2023-28326CRITICALCVSS 9.8EG 9.82023-03-28
Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0 Description: Attacker can elevate their privileges in any room
- CVE-2023-2834CRITICALCVSS 9.8EG 9.82023-06-30
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This make…
- CVE-2023-28461CRITICALCVSS 9.8EG 9.8⚠ KEV2023-03-15
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could t…
- CVE-2023-28470MEDIUMCVSS 5.3EG 5.32023-03-23
In Couchbase Server 5 through 7 before 7.1.4, the nsstats endpoint is accessible without authentication.
- CVE-2023-28697CRITICALCVSS 9.8EG 9.82023-04-27
Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to perform arbitrary system operation or disrupt service.
- CVE-2023-28761MEDIUMCVSS 6.5EG 6.52023-04-11
In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an open interface and make use of an open API to access a service which will enable them to access or modify server settings and data, leading t…
- CVE-2023-29060MEDIUMCVSS 5.4EG 5.42023-11-28
The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfilt…
- CVE-2023-29061MEDIUMCVSS 5.2EG 5.22023-11-28
There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstation can potentially exploit this vulnerability to access the BIOS configuration and modify the drive boot order and BIOS pre-boot a…
- CVE-2023-29063LOWCVSS 2.4EG 2.42023-11-28
The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a…
- CVE-2023-29411CRITICALCVSS 9.8EG 9.82023-04-18
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interfa…
- CVE-2023-29413HIGHCVSS 7.5EG 7.52023-04-18
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor service.
- CVE-2023-29485CRITICALCVSS 9.8EG 9.82023-12-21
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard th…
- CVE-2023-30604CRITICALCVSS 9.8EG 9.82023-06-02
It is identified a vulnerability of insufficient authentication in the system configuration interface of Hitron Technologies CODA-5310. An unauthorized remote attacker can exploit this vulnerability to access system configuration interface…
- CVE-2023-30612MEDIUMCVSS 4.0EG 4.02023-04-19
Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP request through the HTTP API socket. As …
Map vulnerabilities like CWE-306 to your infrastructure
EchelonGraph correlates every CVE — across CWE-306 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →