Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1096

1096 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-31143 Mage terminal user authentication not working properly — mage-ai 5.9 Medium2023-05-09
CVE-2023-30744 Improper access control during application start-up in SAP AS NetWeaver JAVA. — SAP AS NetWeaver JAVA 8.2 High2023-05-09
CVE-2023-20126 Cisco SPA112 2-Port Phone Adapters Remote Command Execution Vulnerability — Cisco Small Business IP Phones 9.8 Critical2023-05-04
CVE-2023-28697 Moxa MiiNePort E1 - Broken Access Control — MiiNePort E1 9.8 Critical2023-04-27
CVE-2023-2231 MAXTECH MAX-G866ac Remote Management missing authentication — MAX-G866ac 9.8 Critical2023-04-21
CVE-2023-30612 Malicious HTTP requests could close arbitrary opening file descriptors in cloud-hypervisor — cloud-hypervisor 4.0 Medium2023-04-19
CVE-2023-29413 Schneider Electric Easy UPS Online Monitoring Software 访问控制错误漏洞 — APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022) 7.5 High2023-04-18
CVE-2023-29411 Schneider Electric Easy UPS Online Monitoring Software 访问控制错误漏洞 — APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022) 9.8 Critical2023-04-18
CVE-2023-24934 Microsoft Defender Security Feature Bypass Vulnerability — Microsoft Malware Protection Platform 6.2 Medium2023-04-14
CVE-2022-41331 Fortinet FortiPresence 访问控制错误漏洞 — FortiPresence 9.3 Critical2023-04-11
CVE-2023-28761 Missing Authentication check in SAP NetWeaver Enterprise Portal — NetWeaver Enterprise Portal 6.5 Medium2023-04-11
CVE-2023-27497 Multiple vulnerabilities in SAP Diagnostics Agent (EventLogServiceCollector) — Diagnostics Agent (EventLogServiceCollector) 10.0 Critical2023-04-11
CVE-2023-27267 Multiple vulnerabilities in SAP Diagnostics Agent (OSCommand Bridge) — Diagnostics Agent (OSCommand Bridge) 9.0 Critical2023-04-11
CVE-2023-24527 Improper Access Control in SAP NetWeaver AS Java for Deploy Service — NetWeaver AS Java for Deploy Service 5.3 Medium2023-04-11
CVE-2022-36983 Ivanti Avalanche 访问控制错误漏洞 — Avalanche 9.8 -2023-03-29
CVE-2022-27645 NETGEAR R6700v3 访问控制错误漏洞 — R6700v3 8.8 -2023-03-29
CVE-2023-28326 Apache OpenMeetings: allows user impersonation — Apache OpenMeetings 9.8 -2023-03-28
CVE-2023-27980 Schneider Electric IGSS Data Server 访问控制错误漏洞 — IGSS Data Server(IGSSdataServer.exe) 8.8 High2023-03-21
CVE-2023-27983 Schneider Electric IGSS Data Server 访问控制错误漏洞 — IGSS Data Server(IGSSdataServer.exe) 6.5 Medium2023-03-21
CVE-2023-24526 Improper Access Control in SAP NetWeaver AS Java (Classload Service) — NetWeaver AS Java for Classload Service 5.3 Medium2023-03-14
CVE-2023-27532 Veeam Backup & Replication 访问控制错误漏洞 — Veeam Backup & Replication 7.5 -2023-03-10
CVE-2023-27290 IBM Observability with Instana missing authentication — Observability with Instana 9.1 Critical2023-03-03
CVE-2022-45140 WAGO: Missing Authentication for Critical Function — Compact Controller CC100 (751-9301) 9.8 Critical2023-02-27
CVE-2022-45138 WAGO: Missing Authentication for Critical Function — Compact Controller CC100 (751-9301) 9.8 Critical2023-02-27
CVE-2023-25570 Apollo has potential access control security issue in eureka — apollo 7.5 High2023-02-20
CVE-2023-23452 SICK FX0-GPNT 访问控制错误漏洞 — FX0-GPNT v3 Firmware 9.8 -2023-02-20
CVE-2023-23453 SICK FX0-GENT 访问控制错误漏洞 — FX0-GENT v3 Firmware 9.8 -2023-02-20
CVE-2023-0919 Missing Authentication for Critical Function in kareadita/kavita — kareadita/kavita 8.1 High2023-02-19
CVE-2023-0906 SourceCodester Online Pizza Ordering System POST Parameter ajax.php delete_category missing authentication — Online Pizza Ordering System 7.3 High2023-02-18
CVE-2023-22804 CVE-2023-22804 — XBC-DN32U 9.1 Critical2023-02-15

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1096 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.