Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,452 vulnerabilities with CWE-306

CVE-2019-12130 CRITICAL

ONAP 3.0.0-4.0.0 - Unauthenticated Access to ONAP Services via Exposed Ports

CVE-2019-12129 CRITICAL

ONAP 3.0.0-4.0.0 - Unauthenticated Access to Services via Open Ports

CVE-2019-12128 CRITICAL

ONAP SO < 4.0.0 - Unauthenticated Access to Services via Open Ports

CVE-2019-20529 HIGH

Frappe 11-12 - Unauthenticated Sensitive Data Exposure via Prepared Report File Storage

CVE-2019-12120 CRITICAL

ONAP VNFSDK 3.0.0-4.0.0 - Unauthenticated Remote Code Execution via Port 8000

CVE-2019-12119 CRITICAL

ONAP SDC < 4.0.0 - Unauthenticated Remote Code Execution via Port 7000

CVE-2019-12118 CRITICAL

ONAP SDC < 4.0.0 - Unauthenticated Remote Code Execution via Port 7001

CVE-2019-12117 CRITICAL

ONAP SDC 3.0.0-4.0.0 - Unauthenticated Remote Code Execution via Port 4001

CVE-2019-12116 CRITICAL

ONAP SDC < 4.0.0 - Unauthenticated Remote Code Execution via Port 6000

CVE-2019-12115 CRITICAL

ONAP SDC Dublin - Unauthenticated Remote Code Execution via Port 4000

CVE-2019-12114 CRITICAL

ONAP < 4.0.0 - Unauthenticated RCE via Holmes Engine Management Pod Port 9202

CVE-2019-20105 MEDIUM

Atlassian Application Links < 5.4.20 - Missing Authentication

CVE-2019-13194 HIGH

Brother Printers - Unauthenticated Sensitive Information Disclosure via Specific URL

CVE-2019-13205 HIGH

Kyocera ECOSYS M5526cdw 2R7_2000.001.701 Sensitive Info Exposure via Config Files

CVE-2019-19799 MEDIUM

ManageEngine Applications Manager < 14600 - Unauthenticated Information Disclosure via WieldFeedServlet

CVE-2019-19226 HIGH

D-Link DSL-2680 Firmware EU_1.03 - Broken Access Control

CVE-2019-19225 HIGH

D-Link DSL-2680 Firmware EU_1.03 - Broken Access Control

CVE-2019-19224 HIGH

D-Link DSL-2680 Firmware EU_1.03 - Info Disclosure

CVE-2019-19800 MEDIUM

Zoho ManageEngine Applications Manager 14 < 14520 - Unauthenticated OS File Name Disclosure via FailOverHelperServlet

CVE-2019-4551 MEDIUM

IBM Security Directory Server 6.4.0 - Auth Bypass

CVE-2019-16893 HIGH

TP-Link TP-SG105E V4 1.0.0 Build 20181120 - Unauthenticated Device Reboot via reboot.cgi

CVE-2019-19143 MEDIUM

TP-LINK TL-WR849N 0.9.1 4.16 - Unauthenticated Firmware Replacement via cgi/softup POST Request

CVE-2019-19822 HIGH

TOTOLINK A3002RU < 2.0.0 - Unauthenticated Sensitive Data Exposure via Configuration Retrieval

CVE-2019-16003 MEDIUM

Cisco UCS Director - Info Disclosure

CVE-2019-19142 HIGH

Intelbras WRN 240 Firmware - Unauthenticated Firmware Replacement via Firmware.cfg URI

Previous Page 85 of 99 Next

Details

Vulnerabilities 2,452

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy