CWE-306— Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.— MITRE CWE catalog
2,404 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-306page 8 of 49
- CVE-2020-0052MEDIUMCVSS 4.3EG 4.32020-03-10
In smsSelected of AnswerFragment.java, there is a way to send an SMS from the lock screen due to a permissions bypass. This could lead to local escalation of privilege on the lock screen with no additional execution privileges needed. User…
- CVE-2020-10038CRITICALCVSS 9.8EG 9.82020-07-14
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with access to the device's web server might be able to execute administrative commands without …
- CVE-2020-10044HIGHCVSS 7.5EG 7.52020-07-14
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with access to the network could be able to install specially crafted firmware to the device.
- CVE-2020-10079MEDIUMCVSS 5.3EG 5.32020-03-13
GitLab 7.10 through 12.8.1 has Incorrect Access Control. Under certain conditions where users should have been required to configure two-factor authentication, it was not being required.
- CVE-2020-10124HIGHCVSS 7.1EG 7.12020-08-21
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the integrity of messages between the BNA and the host computer, which could allow an attacker with physical access to the internal components of the ATM …
- CVE-2020-10148CRITICALCVSS 9.8EG 9.8⚠ KEV2020-12-29
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may res…
- CVE-2020-10263MEDIUMCVSS 6.8EG 6.82020-04-08
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XI…
- CVE-2020-10264HIGHCVSS 8.8EG 8.82020-04-06
CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and a…
- CVE-2020-10265CRITICALCVSS 9.4EG 9.42020-04-06
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot funct…
- CVE-2020-10272CRITICALCVSS 9.8EG 9.82020-06-24
MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. This allows attackers with access to the internal wireless and wired networks to…
- CVE-2020-10282CRITICALCVSS 9.8EG 9.82020-07-03
The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version 1.0 (nor authorization) whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. Accordi…
- CVE-2020-10291HIGHCVSS 7.5EG 7.52020-11-06
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from…
- CVE-2020-10537HIGHCVSS 7.8EG 7.82021-02-05
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with the administrator account.
- CVE-2020-10605HIGHCVSS 7.5EG 7.52020-07-17
Grundfos CIM 500 before v06.16.00 responds to unauthenticated requests for password storage files.
- CVE-2020-10625CRITICALCVSS 9.8EG 9.82020-04-09
WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account.
- CVE-2020-10640CRITICALCVSS 10.0EG 10.02022-02-24
Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service.
- CVE-2020-10641HIGHCVSS 7.5EG 7.52020-04-28
An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway (versions…
- CVE-2020-10754MEDIUMCVSS 4.3EG 4.32020-06-08
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication doe…
- CVE-2020-10807MEDIUMCVSS 5.3EG 5.32020-03-22
auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header.
- CVE-2020-10833HIGHCVSS 7.5EG 7.52020-03-24
An issue was discovered on Samsung mobile devices with Q(10.0) software. The DeX Lockscreen allows attackers to access the quick panel and notifications. The Samsung ID is SVE-2019-16532 (March 2020).
- CVE-2020-10874HIGHCVSS 7.5EG 7.52020-03-23
Motorola FX9500 devices allow remote attackers to read database files.
- CVE-2020-10920CRITICALCVSS 9.8EG 9.82020-07-23
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exi…
- CVE-2020-10921CRITICALCVSS 9.8EG 9.82020-07-23
This vulnerability allows remote attackers to issue commands on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists with…
- CVE-2020-10965HIGHCVSS 8.1EG 8.12020-03-25
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled…
- CVE-2020-10972HIGHCVSS 7.5EG 7.52020-05-07
An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page (a certain live_?.shtml page with the variabl…
- CVE-2020-10973HIGHCVSS 7.5EG 7.52020-05-07
An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administ…
- CVE-2020-10974HIGHCVSS 7.5EG 7.52020-05-07
An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication is required. Affected devices: Wavlink WN…
- CVE-2020-11028MEDIUMCVSS 5.8EG 5.82020-04-30
In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.1, along with all the previously affecte…
- CVE-2020-11539HIGHCVSS 8.1EG 8.12020-04-22
An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that the smart band has no pairing (mode 0 Bluetooth LE security level) The data being transmitted over the air is not encrypted. Adding to this, the…
- CVE-2020-11547MEDIUMCVSS 5.3EG 9.02020-04-05
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstr…
- CVE-2020-11579HIGHCVSS 7.5EG 7.52020-09-03
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hos…
- CVE-2020-11598CRITICALCVSS 9.8EG 9.82020-04-06
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upload.ashx allows remote attackers to execute arbitrary code by uploading and executing an ASHX file.
- CVE-2020-11599HIGHCVSS 7.5EG 7.52020-04-06
An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. GetDistributedPOP3 allows attackers to obtain the username and password of the SMTP user.
- CVE-2020-11649MEDIUMCVSS 6.5EG 6.52020-04-22
An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Members of a group could still have access after the group is deleted.
- CVE-2020-11673CRITICALCVSS 9.8EG 9.82020-04-13
An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wp_ajax_nopriv function…
- CVE-2020-11797HIGHCVSS 7.5EG 7.52020-08-26
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain access to unauthorized information due…
- CVE-2020-11856CRITICALCVSS 9.8EG 9.82020-09-22
Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of OBR.
- CVE-2020-11946HIGHCVSS 7.5EG 7.52020-04-20
Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key via a servlet call.
- CVE-2020-11961HIGHCVSS 7.5EG 7.52020-06-24
Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication
- CVE-2020-11969CRITICALCVSS 9.8EG 9.82020-06-15
If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.…
- CVE-2020-12004HIGHCVSS 7.5EG 7.52020-06-09
The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.
- CVE-2020-12017CRITICALCVSS 9.8EG 9.82020-06-02
GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The device’s vulnerability in the web application could allow multiple unauthenticated attacks that could cause serious impact. The vulner…
- CVE-2020-12028HIGHCVSS 7.3EG 8.12020-07-20
In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. Rockwell Automa…
- CVE-2020-12106CRITICALCVSS 9.8EG 9.82020-08-12
The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product t…
- CVE-2020-12117MEDIUMCVSS 5.3EG 5.32020-05-01
Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800. NOTE: Moxa Service is an unauthenticated service that runs upon a first-time…
- CVE-2020-12127HIGHCVSS 7.5EG 7.52020-10-02
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitiv…
- CVE-2020-12266HIGHCVSS 7.5EG 7.52020-04-27
An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. The devices automatically query these pages to update dashboards …
- CVE-2020-12478HIGHCVSS 7.5EG 7.52020-04-29
TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files.
- CVE-2020-12484MEDIUMCVSS 6.4EG 6.42024-12-17
When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle…
- CVE-2020-12491MEDIUMCVSS 4.8EG 4.82024-11-25
Improper control of framework service permissions with possibility of some sensitive device information leakage.
Map vulnerabilities like CWE-306 to your infrastructure
EchelonGraph correlates every CVE — across CWE-306 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →