Vulnerabilities (CVE)

Filtered by CWE-306
Total 1228 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-26705 1 Squarebox 1 Catdv 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive RMI methods such as getConnections without authentication, the results of which can be used to generate valid authentication tokens. These tokens can then be used to invoke administrative tasks within the application, such as disclosing password hashes.
CVE-2021-26697 1 Apache 1 Airflow 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and even after can just get some metadata about a DAG and a Task. This issue affects Apache Airflow 2.0.0.
CVE-2021-26637 1 Shinasys 6 Sihas Acm-300, Sihas Acm-300 Firmware, Sihas Gcm-300 and 3 more 2024-11-21 7.5 HIGH 8.8 HIGH
There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device.
CVE-2021-26264 1 Emerson 2 Deltav Distributed Control System, Deltav Workstation 2024-11-21 4.9 MEDIUM 6.1 MEDIUM
A specially crafted script could cause the DeltaV Distributed Control System Controllers (All Versions) to restart and cause a denial-of-service condition.
CVE-2021-25312 1 Wisc 1 Htcondor 2024-11-21 6.5 MEDIUM 8.8 HIGH
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.
CVE-2021-25094 1 Brandexponents 1 Tatsu 2024-11-21 6.8 MEDIUM 8.1 HIGH
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. By adding a PHP shell with a filename starting with a dot ".", this can bypass extension control implemented in the plugin. Moreover, there is a race condition in the zip extraction process which makes the shell file live long enough on the filesystem to be callable by an attacker.
CVE-2021-24219 1 Thrivethemes 20 Focusblog, Ignition, Luxe and 17 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin before 2.3.9.4, Thrive Apprentice WordPress plugin before 2.3.9.4, Thrive Visual Editor WordPress plugin before 2.6.7.4, Thrive Dashboard WordPress plugin before 2.3.9.3, Thrive Ovation WordPress plugin before 2.4.5, Thrive Clever Widgets WordPress plugin before 1.57.1 and Rise by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Squared by Thrive Themes WordPress theme before 2.0.0, Voice WordPress theme before 2.0.0, Performag by Thrive Themes WordPress theme before 2.0.0, Pressive by Thrive Themes WordPress theme before 2.0.0, Storied by Thrive Themes WordPress theme before 2.0.0, Thrive Themes Builder WordPress theme before 2.2.4 register a REST API endpoint associated with Zapier functionality. While this endpoint was intended to require an API key in order to access, it was possible to access it by supplying an empty api_key parameter in vulnerable versions if Zapier was not enabled. Attackers could use this endpoint to add arbitrary data to a predefined option in the wp_options table.
CVE-2021-23858 1 Bosch 24 Indracontrol Xlc, Indracontrol Xlc Firmware, Rexroth Indramotion Mlc L20 and 21 more 2024-11-21 7.8 HIGH 8.6 HIGH
Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware version by another unprotected web server resource.
CVE-2021-23847 1 Bosch 6 Cpp6, Cpp6 Firmware, Cpp7 and 3 more 2024-11-21 6.4 MEDIUM 9.8 CRITICAL
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and 7.80 prior to B128 are affected by this vulnerability. Versions 7.62 or lower and INTEOX cameras are not affected.
CVE-2021-23843 1 Bosch 5 Access Management System, Access Professional Edition, Amc2 and 2 more 2024-11-21 4.6 MEDIUM 8.8 HIGH
The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make unauthorized changes to configuration data on the device. An attacker can exploit this vulnerability to manipulate the device\'s configuration or make it unresponsive in the local network. The attacker needs to have access to the local network, typically even the same subnet.
CVE-2021-22997 1 F5 1 Big-iq Centralized Management 2024-11-21 5.0 MEDIUM 7.5 HIGH
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ HA ElasticSearch service does not implement any form of authentication for the clustering transport services, and all data used by ElasticSearch for transport is unencrypted. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
CVE-2021-22995 1 F5 1 Big-iq Centralized Management 2024-11-21 5.0 MEDIUM 7.5 HIGH
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum device for automatic failover does not implement any form of authentication with the Corosync daemon. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
CVE-2021-22850 1 Hgiga 1 Oaklouds Portal 2024-11-21 7.5 HIGH 5.3 MEDIUM
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions.
CVE-2021-22823 1 Schneider-electric 1 Interactive Graphical Scada System Data Collector 2024-11-21 5.0 MEDIUM 9.1 CRITICAL
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)
CVE-2021-22805 1 Schneider-electric 1 Interactive Graphical Scada System Data Collector 2024-11-21 5.0 MEDIUM 9.1 CRITICAL
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)
CVE-2021-22784 1 Schneider-electric 1 C-bus Toolkit 2024-11-21 3.5 LOW 5.7 MEDIUM
A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system.
CVE-2021-22772 1 Schneider-electric 6 T200e, T200e Firmware, T200i and 3 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 ((Modbus) SC2-04MOD-07000100 and earlier), Easergy T200 ((IEC104) SC2-04IEC-07000100 and earlier), and Easergy T200 ((DNP3) SC2-04DNP-07000102 and earlier) that could cause unauthorized operation when authentication is bypassed.
CVE-2021-22652 1 Advantech 1 Iview 2024-11-21 7.5 HIGH 9.8 CRITICAL
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.
CVE-2021-22322 1 Huawei 2 Emui, Magic Ui 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
CVE-2021-22316 1 Huawei 2 Emui, Magic Ui 2024-11-21 4.6 MEDIUM 6.8 MEDIUM
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and functional availability.