Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1097

1097 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-10386 Rockwell Automation FactoryTalk ThinManager Authentication Vulnerability — FactoryTalk ThinManager 9.8 Critical2024-10-25
CVE-2024-47575 Fortinet FortiManager 访问控制错误漏洞 — FortiManager 9.8 Critical2024-10-23
CVE-2024-47902 Siemens InterMesh 7177和Siemens InterMesh 7707 访问控制错误漏洞 — InterMesh 7177 Hybrid 2.0 Subscriber 7.2 High2024-10-23
CVE-2024-49399 Missing Authentication for Critical Function in Elvaco M-Bus Metering Gateway CMe3100 — M-Bus Metering Gateway CMe3100 9.1AICriticalAI2024-10-17
CVE-2024-48920 PutongOJ: unprivileged users can escalate privileges by constructing requests — PutongOJ 9.1 Critical2024-10-17
CVE-2024-45844 BIG-IP monitors vulnerability — BIG-IP 7.2 High2024-10-16
CVE-2024-5749 Certain HP DesignJet products – Credential reflection — Certain HP DesignJet products 7.5 High2024-10-15
CVE-2024-45276 MB connect line/Helmholz: tmp directory exposed via webservice — mbNET.mini 7.5 High2024-10-15
CVE-2024-45274 MB connect line/Helmholz: Remote code execution via confnet service — mbNET.mini 9.8 Critical2024-10-15
CVE-2024-9984 Ragic Enterprise Cloud Database - Missing Authentication — Enterprise Cloud Database 9.8 Critical2024-10-15
CVE-2024-9137 Moxa Service Missing Authentication for Critical Function — EDR-8010 Series 9.4 Critical2024-10-14
CVE-2024-8530 Schneider Electric Data Center Expert 访问控制错误漏洞 — Data Center Expert 5.9 Medium2024-10-11
CVE-2024-9164 Missing Authentication for Critical Function in GitLab — GitLab 9.6 Critical2024-10-11
CVE-2024-43488 Visual Studio Code extension for Arduino Remote Code Execution Vulnerability — Visual Studio Code 8.8 High2024-10-08
CVE-2024-47555 Missing Authentication - User & System Configuration — FreeFlow Core 8.3 High2024-10-07
CVE-2024-41988 Missing Authentication for Critical Function vulnerability in TEM Opera Plus FM Family Transmitter — Opera Plus FM Family Transmitter 9.8 -2024-10-03
CVE-2024-35294 Schneider Elektronik Series 700 prone to missing authentication for traffic capture function — Series 700 6.5 Medium2024-10-02
CVE-2024-35293 Schneider Elektronik Series 700 prone to missing authentication for critical reset function — Series 700 9.1 Critical2024-10-02
CVE-2024-8456 PLANET Technology switch devices - Missing Authentication for multiple HTTP routes — GS-4210-24PL4C hardware 2.0 9.8 Critical2024-09-30
CVE-2024-39364 Advantech ADAM-5630 Missing Authentication for Critical Function — ADAM-5630 6.3 Medium2024-09-27
CVE-2024-8310 OPW Fuel Management Systems SiteSentinel Missing Authentication for Critical Function — SiteSentinel 9.8 Critical2024-09-27
CVE-2024-6981 OMNTEC Proteus Tank Monitoring Missing Authentication for Critical Function — Proteus Tank Monitoring 9.8 Critical2024-09-27
CVE-2024-47130 Missing Authentication for Critical Function in goTenna Pro — Pro 8.8 High2024-09-26
CVE-2023-52949 Synology Active Backup for Business Agent 访问控制错误漏洞 — Synology Active Backup for Business Agent 5.5 Medium2024-09-26
CVE-2023-52947 Synology Active Backup for Business Agent 访问控制错误漏洞 — Synology Active Backup for Business Agent 4.0 Medium2024-09-26
CVE-2024-6592 WatchGuard Firebox Single Sign-On Agent Protocol Authorization Bypass — Authentication Gateway 9.1 Critical2024-09-25
CVE-2022-25770 Insufficient authentication in upgrade flow — Mautic 7.8 High2024-09-18
CVE-2024-6406 Sensetive Data Exposure in Yordam Information Technology's Mobile Library Application — Mobile Library Application 7.5AIHighAI2024-09-18
CVE-2024-8956 PTZOptics NDI and SDI Cameras /cgi-bin/param.cgi Insufficient Authentication — PT30X-SDI 9.1 Critical2024-09-17
CVE-2024-6582 Broken Access Control in lunary-ai/lunary — lunary-ai/lunary 6.1AIMediumAI2024-09-13

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1097 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.