CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1095

1095 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-1396	Cisco Application Services Engine Unauthorized Access Vulnerabilities — Cisco Application Services Engine Software	9.8	Critical	2021-02-24
CVE-2021-1393	Cisco Application Services Engine Unauthorized Access Vulnerabilities — Cisco Application Services Engine Software	9.8	Critical	2021-02-24
CVE-2021-20198	Red Hat OpenShift Container Platform 访问控制错误漏洞 — openshift/installer	8.1	-	2021-02-23
CVE-2021-22652	Advantech Iview 访问控制错误漏洞 — Advantech iView	9.8	-	2021-02-11
CVE-2020-26192	DELL EMC PowerScale 访问控制错误漏洞 — PowerScale OneFS	7.8	High	2021-02-09
CVE-2020-15798	Siemens Simatic Hmi 访问控制错误漏洞 — SIMATIC HMI Comfort Panels (incl. SIPLUS variants)	9.1	-	2021-02-09
CVE-2021-1246	Cisco Finesse OpenSocial Gadget Editor Unauthenticated Access Vulnerability — Cisco Unified Customer Voice Portal (CVP)	6.5	Medium	2021-01-13
CVE-2020-15799	Siemens SCALANCE X-200IRT 访问控制错误漏洞 — SCALANCE X-200 switch family (incl. SIPLUS NET variants)	6.5	-	2021-01-12
CVE-2020-27285	Red Lion Controls Crimson 访问控制错误漏洞 — Crimson 3.1	9.1	-	2021-01-06
CVE-2020-25228	Siemens LOGO! 8 BM 访问控制错误漏洞 — LOGO! 8 BM (incl. SIPLUS variants)	9.8	-	2020-12-14
CVE-2020-7540	多款Schneider Electric产品访问控制错误漏洞 — Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)	9.8	-	2020-12-11
CVE-2020-3531	Cisco IoT Field Network Director Unauthenticated REST API Vulnerability — Cisco IoT Field Network Director (IoT-FND)	9.8	-	2020-11-18
CVE-2020-3392	Cisco IoT Field Network Director Missing API Authentication Vulnerability — Cisco IoT Field Network Director (IoT-FND)	7.5	-	2020-11-18
CVE-2020-12500	Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products — P+F Comtrol RocketLinx	9.8	Critical	2020-10-15
CVE-2020-3598	Cisco Vision Dynamic Signage Director Missing Authentication Vulnerability — Cisco Vision Dynamic Signage Director	6.5	Medium	2020-10-08
CVE-2020-12505	WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07 — 750-852	8.2	High	2020-09-30
CVE-2020-12506	WAGO: Authentication Bypass Vulnerability in WAGO 750-36X and WAGO 750-8XX Versions <= FW03 — 750-362	9.1	Critical	2020-09-30
CVE-2019-16004	Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability — Cisco Vision Dynamic Signage Director	8.2	-	2020-09-23
CVE-2020-15127	Denial of service in Contour — contour	7.5	High	2020-08-05
CVE-2020-3461	Cisco Data Center Network Manager Information Disclosure Vulnerability — Cisco Data Center Network Manager	7.5	-	2020-07-31
CVE-2020-3376	Cisco Data Center Network Manager Authentication Bypass Vulnerability — Cisco Data Center Network Manager	7.3	High	2020-07-31
CVE-2020-10920	C-More HMI EA9 访问控制错误漏洞 — HMI EA9	9.8	-	2020-07-23
CVE-2020-10921	C-More HMI EA9 访问控制错误漏洞 — HMI EA9	9.8	-	2020-07-23
CVE-2020-10605	Grundfos CIM 500 访问控制错误漏洞 — CIM 500	7.5	-	2020-07-17
CVE-2020-14501	Advantech iView 访问控制错误漏洞 — Advantech iView	9.8	-	2020-07-15
CVE-2020-5373	Dell EMC OpenManage Integration for Microsoft System Center 访问控制错误漏洞 — OMIMSSC (OpenManage Integration for Microsoft System Center)	6.5	Medium	2020-07-14
CVE-2020-10044	Siemens SICAM MMU、SGU和T 访问控制错误漏洞 — SICAM MMU	7.5	-	2020-07-14
CVE-2020-10038	Siemens SICAM MMU、SGU和T 访问控制错误漏洞 — SICAM MMU	9.8	-	2020-07-14
CVE-2020-10282	RVD#3316: No authentication in MAVLink protocol — MAVLink	9.8	-	2020-07-03
CVE-2020-3402	Cisco Unified Customer Voice Portal Information Disclosure Vulnerability — Cisco Unified IP Interactive Voice Response (IVR)	7.5	-	2020-07-02

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1095 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1095