CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-306

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2019-11496 306 2019-09-10 2020-08-24
6.4
None Remote Low Not required Partial Partial None
In versions of Couchbase Server prior to 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. As part of 5.0, the behavior of all buckets including "default" were changed to only allow access by authenticated users with sufficient authorization. However, users were allowed unauthenticated and unauthorized access to the "default" bucket if the properties of this bucket were edited. This has been fixed in versions 5.1.0 and 5.5.0.
252 CVE-2019-11466 306 2019-09-10 2020-08-24
5.0
None Remote Low Not required Partial None None
In Couchbase Server 6.0.0 and 5.5.0, the eventing service exposes system diagnostic profile via an HTTP endpoint that does not require credentials on a port earmarked for internal traffic only. This has been remedied in version 6.0.1 and now requires valid credentials to access.
253 CVE-2019-11321 306 +Info 2019-04-18 2020-08-24
5.0
None Remote Low Not required Partial None None
An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices.
254 CVE-2019-11063 306 2019-08-29 2020-08-24
8.3
None Local Network Low Not required Complete Complete Complete
A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway (HG100) via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
255 CVE-2019-11061 306 2019-08-29 2020-08-24
4.8
None Local Network Low Not required Partial Partial None
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
256 CVE-2019-11020 306 2019-07-09 2021-09-13
5.0
None Remote Low Not required Partial None None
Lack of authentication in file-viewing components in DDRT Dashcom Live 2019-05-09 allows anyone to remotely access all claim details by visiting easily guessable dashboard/uploads/claim_files/claim_id_ URLs.
257 CVE-2019-11019 306 2019-07-09 2021-09-13
5.0
None Remote Low Not required Partial None None
Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08 allows anyone to remotely access all claim details by visiting easily guessable exportpdf/all_claim_detail.php?claim_id= URLs.
258 CVE-2019-10950 306 2019-04-30 2020-10-02
10.0
None Remote Low Not required Complete Complete Complete
Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. An attacker who successfully exploits this vulnerability may be able to access the underlying operating system.
259 CVE-2019-10946 306 2019-04-10 2020-08-24
5.0
None Remote Low Not required None Partial None
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users.
260 CVE-2019-10941 306 2021-09-14 2021-09-23
5.0
None Remote Low Not required Partial None None
A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). Missing authentication for functionality that requires administrative user identity could allow an attacker to obtain encoded system configuration backup files. This is only possible through network access to the affected system, and successful exploitation requires no system privileges.
261 CVE-2019-10919 306 2019-05-14 2022-01-04
7.5
None Remote Low Not required Partial Partial Partial
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
262 CVE-2019-10915 306 Exec Code 2019-07-11 2020-10-02
4.6
None Local Low Not required Partial Partial Partial
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
263 CVE-2019-10886 306 2019-04-19 2020-08-24
4.3
None Remote Medium Not required Partial None None
An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary files without authentication over HTTP when Photo Sharing Plus application is running. This may allow an attacker to browse a particular directory (e.g. images) inside the private network.
264 CVE-2019-10668 306 2019-09-09 2020-08-24
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in LibreNMS through 1.47. A number of scripts import the Authentication libraries, but do not enforce an actual authentication check. Several of these scripts disclose information or expose functions that are of a sensitive nature and are not expected to be publicly accessible.
265 CVE-2019-10198 306 Bypass 2019-07-31 2020-09-30
4.0
None Remote Low ??? Partial None None
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view the details of a task through the web UI or API, if they can discover or guess the UUID of the task.
266 CVE-2019-10121 306 2019-07-10 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via the user authentication dialogue, aka HMCCU-153. This leads to automatic login as admin.
267 CVE-2019-10119 306 2019-07-10 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via an invalid login attempt to the RemoteApi account, aka HMCCU-154. This leads to automatic login as admin.
268 CVE-2019-10046 306 +Info 2019-05-31 2020-08-24
5.0
None Remote Low Not required Partial None None
An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including session timeout, libraries, and license information.
269 CVE-2019-10042 306 2019-03-25 2020-08-24
7.8
None Remote Low Not required None None Complete
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/LoadDefaultSettings to reset the router without authentication.
270 CVE-2019-10041 306 2019-03-25 2020-08-24
5.0
None Remote Low Not required None Partial None
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/form2userconfig.cgi to edit the system account without authentication.
271 CVE-2019-10040 306 Exec Code 2019-03-25 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use a hidden API URL /goform/SystemCommand to execute a system command without authentication.
272 CVE-2019-10039 306 2019-03-25 2020-08-24
5.0
None Remote Low Not required None Partial None
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication.
273 CVE-2019-9974 306 2019-04-11 2020-08-24
6.4
None Remote Low Not required Partial None Partial
diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack.
274 CVE-2019-9935 306 2019-08-28 2020-08-24
5.0
None Remote Low Not required Partial None None
Various Lexmark products have Incorrect Access Control (issue 2 of 2).
275 CVE-2019-9934 306 2019-08-28 2020-08-24
5.0
None Remote Low Not required Partial None None
Various Lexmark products have Incorrect Access Control (issue 1 of 2).
276 CVE-2019-9881 306 2019-06-10 2019-06-11
5.0
None Remote Low Not required None Partial None
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when 'allow comment' is disabled.
277 CVE-2019-9880 306 2019-06-10 2019-06-11
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible, for an unauthenticated attacker, to retrieve all WordPress users details such as email address, role, and username.
278 CVE-2019-9879 306 2019-06-10 2019-06-11
7.5
None Remote Low Not required Partial Partial Partial
The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation.
279 CVE-2019-9871 306 Exec Code 2019-05-31 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with root permission.
280 CVE-2019-9727 306 2019-05-13 2020-08-24
5.0
None Remote Low Not required Partial None None
Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to retrieve the GUI password hashes of GUI users. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
281 CVE-2019-9585 306 2019-08-14 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access Control for Interface.***Metadata related operations, resulting in the ability to read, set and deletion of Metadata.
282 CVE-2019-9529 306 2019-10-10 2019-10-21
4.9
None Local Low Not required None Complete None
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. This could allow an unauthenticated, local attacker connected to the device to access the portal and to make any change to the device.
283 CVE-2019-9484 306 2019-03-01 2020-08-24
5.0
None Remote Low Not required Partial None None
The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows remote attackers to obtain access via an HTTP session on port 10000, as demonstrated by reading the modem password (which is 1234), or reconfiguring "party mode" or "vacation mode."
284 CVE-2019-9201 306 +Info 2019-02-26 2020-08-24
9.0
None Remote Low Not required Partial Partial Complete
Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
285 CVE-2019-8993 306 2019-04-24 2020-08-24
5.0
None Remote Low Not required Partial None None
The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for TIBCO Silver Fabric, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid contains a vulnerability that could theoretically allow an unauthenticated user to download a file with credentials information. Affected releases are TIBCO Software Inc.'s TIBCO ActiveMatrix BPM: versions up to and including 4.2.0, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric: versions up to and including 4.2.0, TIBCO ActiveMatrix Policy Director: versions up to and including 1.1.0, TIBCO ActiveMatrix Service Bus: versions up to and including 3.3.0, TIBCO ActiveMatrix Service Grid: versions up to and including 3.3.1, TIBCO ActiveMatrix Service Grid Distribution for TIBCO Silver Fabric: versions up to and including 3.3.0, TIBCO Silver Fabric Enabler for ActiveMatrix BPM: versions up to and including 1.4.1, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid: versions up to and including 1.3.1.
286 CVE-2019-8682 306 2019-12-18 2019-12-20
2.1
None Local Low Not required None Partial None
The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.
287 CVE-2019-8449 306 2019-09-11 2022-01-01
5.0
None Remote Low Not required Partial None None
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
288 CVE-2019-8292 306 2019-10-01 2019-12-23
6.4
None Remote Low Not required None Partial Partial
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.
289 CVE-2019-7727 306 Exec Code 2019-04-23 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. The observed affected TCP port is 6338 but, based on the product's configuration, a different one could be vulnerable.
290 CVE-2019-7642 306 2019-03-25 2021-04-23
5.0
None Remote Low Not required Partial None None
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10).
291 CVE-2019-7564 306 2019-05-07 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. The password reset functionality of the Wireless SSID doesn't require any type of authentication. By making a POST request to the regx/wireless/wl_security_2G.asp URI, the attacker can change the password of the Wi-FI network.
292 CVE-2019-7390 306 2019-02-05 2020-08-24
5.0
None Remote Low Not required None Partial None
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API.
293 CVE-2019-7389 306 2019-02-05 2020-08-24
7.8
None Remote Low Not required None None Complete
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a denial-of-service attack without authentication.
294 CVE-2019-6958 306 2019-05-29 2020-08-24
6.4
None Remote Low Not required Partial None Partial
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The RCP+ network port allows access without authentication. Adding authentication feature to the respective library fixes the issue. The issue is classified as "CWE-284: Improper Access Control." This vulnerability, for example, allows a potential attacker to delete video or read video data.
295 CVE-2019-6820 306 2019-05-22 2021-08-26
6.4
None Remote Low Not required None Partial Partial
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco ,PacDrive Pro, PacDrive Pro2
296 CVE-2019-6808 306 Exec Code 2019-05-22 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus.
297 CVE-2019-6652 306 2019-09-25 2020-08-24
6.4
None Remote Low Not required Partial Partial None
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS).
298 CVE-2019-6543 306 Exec Code 2019-02-13 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privileges, which could lead to the compromise of the machine.
299 CVE-2019-6542 306 DoS 2019-03-28 2019-10-09
7.8
None Remote Low Not required None None Complete
ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060)_update_05032019-482 allows an unauthenticated user to initiate a remote reboot, which may be used to cause a denial of service condition.
300 CVE-2019-6538 306 2019-03-25 2020-10-06
3.3
None Local Network Low Not required None Partial None
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product’s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device.
Total number of vulnerabilities : 419   Page : 1 2 3 4 5 6 (This Page)7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.