CWE-306— Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.— MITRE CWE catalog
2,404 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-306page 7 of 49
- CVE-2019-5078CRITICALCVSS 9.1EG 9.12019-12-18
An exploitable denial of service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set …
- CVE-2019-5080CRITICALCVSS 9.1EG 9.12019-12-18
An exploitable denial-of-service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A single packet can cau…
- CVE-2019-5152HIGHCVSS 7.4EG 7.42019-12-18
An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection…
- CVE-2019-5163HIGHCVSS 7.5EG 7.52019-12-03
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attack…
- CVE-2019-5164HIGHCVSS 7.8EG 7.82019-12-03
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege es…
- CVE-2019-5451MEDIUMCVSS 4.6EG 4.62019-07-30
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time.
- CVE-2019-5504CRITICALCVSS 9.8EG 9.82019-09-24
ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions.
- CVE-2019-5514HIGHCVSS 8.8EG 8.82019-04-01
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perfor…
- CVE-2019-5591MEDIUMCVSS 6.5EG 9.0⚠ KEV2020-08-14
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
- CVE-2019-5617CRITICALCVSS 10.0EG 10.02019-11-06
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any a…
- CVE-2019-5620CRITICALCVSS 9.8EG 9.82020-04-29
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function.
- CVE-2019-5643MEDIUMCVSS 5.3EG 5.32019-11-06
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may enumerate the user names and…
- CVE-2019-5644CRITICALCVSS 10.0EG 9.82019-11-06
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a us…
- CVE-2019-6447HIGHCVSS 8.1EG 8.12019-01-16
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after th…
- CVE-2019-6451HIGHCVSS 7.5EG 7.52019-06-06
On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access.
- CVE-2019-6533CRITICALCVSS 9.1EG 9.12019-02-12
Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).
- CVE-2019-6538CRITICALCVSS 9.3EG 6.52019-03-25
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Co…
- CVE-2019-6542HIGHCVSS 7.5EG 7.52019-03-28
ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060)_update_05032019-482 allows an unauthenticated user to initiate a remote reboot, which may be used to cause a denial of service condition.
- CVE-2019-6543CRITICALCVSS 9.8EG 9.82019-02-13
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privileges, which could lead to the compromis…
- CVE-2019-6652MEDIUMCVSS 6.5EG 6.52019-09-25
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS).
- CVE-2019-6808CRITICALCVSS 9.8EG 9.82019-05-22
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controll…
- CVE-2019-6820HIGHCVSS 8.2EG 8.22019-05-22
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all ve…
- CVE-2019-6958CRITICALCVSS 9.1EG 9.12019-05-29
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Pr…
- CVE-2019-7389HIGHCVSS 7.5EG 7.52019-02-05
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Conseq…
- CVE-2019-7390HIGHCVSS 8.6EG 8.62019-02-05
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authenticatio…
- CVE-2019-7404HIGHCVSS 7.5EG 7.52019-05-13
An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var/gapm7100_${today's_date}.log for readin…
- CVE-2019-7564CRITICALCVSS 9.8EG 9.82019-05-07
An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. The password reset functionality of the Wireless SSID doesn't require any type of authentication. By making a POST request to the regx/wireless/wl_security_2G.…
- CVE-2019-7642HIGHCVSS 7.5EG 7.52019-03-25
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmwa…
- CVE-2019-7727CRITICALCVSS 9.8EG 9.82019-04-23
In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI pro…
- CVE-2019-8292MEDIUMCVSS 5.3EG 5.32019-10-01
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.
- CVE-2019-8449MEDIUMCVSS 5.3EG 5.32019-09-11
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
- CVE-2019-8522MEDIUMCVSS 5.5EG 5.52019-12-18
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.
- CVE-2019-8682LOWCVSS 2.4EG 2.42019-12-18
The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.
- CVE-2019-8985CRITICALCVSS 9.8EG 9.82019-02-21
On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remo…
- CVE-2019-8993CRITICALCVSS 9.8EG 9.82019-04-24
The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Se…
- CVE-2019-9082HIGHCVSS 8.8EG 9.0⚠ KEV2019-02-24
ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.
- CVE-2019-9105HIGHCVSS 7.5EG 7.52019-05-31
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/u…
- CVE-2019-9125CRITICALCVSS 9.8EG 9.82019-02-25
An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP header.
- CVE-2019-9201CRITICALCVSS 9.8EG 9.82019-02-26
Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
- CVE-2019-9484HIGHCVSS 7.5EG 7.52019-03-01
The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows remote attackers to obtain access via an HTTP session on port 10000, as demonstrated by reading the modem password (which is 1234), or reconfigu…
- CVE-2019-9529MEDIUMCVSS 5.5EG 5.52019-10-10
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. This could allow an unauthenticated, local attacker connected to the device to access the portal and to make any change to the …
- CVE-2019-9585CRITICALCVSS 9.8EG 9.82019-08-14
eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access Control for Interface.***Metadata related operations, resulting in the ability to read, set and deletion of Metadata.
- CVE-2019-9727HIGHCVSS 7.5EG 7.52019-05-13
Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to retrieve the GUI password hashes of GUI users. This vulnerability can be exploited by unauthent…
- CVE-2019-9871CRITICALCVSS 9.8EG 9.82019-05-31
Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with root permission.
- CVE-2019-9879CRITICALCVSS 9.8EG 9.82019-06-10
The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation.
- CVE-2019-9880CRITICALCVSS 9.1EG 9.12019-06-10
An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible, for an unauthenticated attacker, to retrieve all WordPress users details such as email address, role, and username.
- CVE-2019-9881MEDIUMCVSS 5.3EG 5.32019-06-10
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when 'allow comment' is disabled.
- CVE-2019-9934MEDIUMCVSS 5.3EG 5.32019-08-28
Various Lexmark products have Incorrect Access Control (issue 1 of 2).
- CVE-2019-9935MEDIUMCVSS 5.3EG 5.32019-08-28
Various Lexmark products have Incorrect Access Control (issue 2 of 2).
- CVE-2019-9974CRITICALCVSS 9.1EG 9.12019-04-11
diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack.
Map vulnerabilities like CWE-306 to your infrastructure
EchelonGraph correlates every CVE — across CWE-306 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →