Vulnerabilities > Weak Password Requirements

DATE CVE VULNERABILITY TITLE RISK
2025-03-20 CVE-2025-1474 Weak Password Requirements vulnerability in Lfprojects Mlflow
In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password.
network
low complexity
lfprojects CWE-521
5.5
2025-03-01 CVE-2024-41778 IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
high complexity
CWE-521
5.3
2025-02-16 CVE-2025-1341 A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0.
network
high complexity
CWE-521
3.7
2025-01-29 CVE-2023-35907 Weak Password Requirements vulnerability in IBM Aspera Faspex
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-521
critical
9.8
2025-01-29 CVE-2023-37398 Weak Password Requirements vulnerability in IBM Aspera Faspex
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-521
critical
9.8
2024-10-10 CVE-2024-22068 Weak Password Requirements vulnerability in ZTE products
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier.
network
low complexity
zte CWE-521
6.5
2024-10-09 CVE-2024-7293 Weak Password Requirements vulnerability in Progress Telerik Reporting
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements.
network
low complexity
progress CWE-521
8.8
2024-09-26 CVE-2024-47121 Weak Password Requirements vulnerability in Gotenna PRO
The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method.
high complexity
gotenna CWE-521
5.3
2024-09-22 CVE-2024-47221 Weak Password Requirements vulnerability in Rapidscada Rapid Scada
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.
network
low complexity
rapidscada CWE-521
7.5
2024-09-12 CVE-2021-38133 Weak Password Requirements vulnerability in Microfocus Edirectory
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory.
network
low complexity
microfocus CWE-521
6.5