Vulnerabilities > Weak Password Requirements

DATE CVE VULNERABILITY TITLE RISK
2024-03-01 CVE-2023-50305 Weak Password Requirements vulnerability in IBM products
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
local
high complexity
ibm CWE-521
5.1
2024-02-07 CVE-2023-38369 Weak Password Requirements vulnerability in IBM Security Access Manager Container
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does not require that docker images should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-521
7.5
2024-02-03 CVE-2023-43016 Weak Password Requirements vulnerability in IBM products
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote user to log into the server due to a user account with an empty password.
network
low complexity
ibm CWE-521
7.3
2024-01-30 CVE-2024-0676 Weak Password Requirements vulnerability in Lamassu Douro Firmware and Douro II Firmware
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack.
local
low complexity
lamassu CWE-521
7.1
2024-01-09 CVE-2024-0347 Weak Password Requirements vulnerability in Engineers Online Portal Project Engineers Online Portal 1.0
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic.
network
high complexity
engineers-online-portal-project CWE-521
3.7
2024-01-09 CVE-2023-49238 Weak Password Requirements vulnerability in Gradle Enterprise
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password.
network
low complexity
gradle CWE-521
critical
9.8
2024-01-02 CVE-2024-0188 Weak Password Requirements vulnerability in NIA RRJ Nueva Ecija Engineer Online Portal 1.0
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0.
network
high complexity
nia CWE-521
8.1
2023-12-22 CVE-2023-7053 Weak Password Requirements vulnerability in PHPgurukul Online Notes Sharing System 1.0
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0.
network
low complexity
phpgurukul CWE-521
8.8
2023-12-04 CVE-2023-24049 Weak Password Requirements vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management.
network
low complexity
connectize CWE-521
critical
9.8
2023-11-08 CVE-2023-29974 Weak Password Requirements vulnerability in Pfsense 2.6.0
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements.
network
low complexity
pfsense CWE-521
critical
9.8