Vulnerabilities > Weak Password Requirements
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-07 | CVE-2018-19064 | Weak Password Requirements vulnerability in multiple products An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 9.8 |
| 2018-10-11 | CVE-2018-15766 | Weak Password Requirements vulnerability in Dell Encryption and Endpoint Security Suite Enterprise On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint Security Suite Enterprise versions prior 2.0.1 will overwrite and manually set the "Minimum Password Length" group policy object to a value of 1 on that device. | 7.5 |
| 2018-09-06 | CVE-2018-5389 | Weak Password Requirements vulnerability in Ietf Internet KEY Exchange 1.0 The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. | 5.9 |
| 2018-08-24 | CVE-2017-9818 | Weak Password Requirements vulnerability in Npci Bharat Interface for Money (Bhim) 1.3 The National Payments Corporation of India BHIM application 1.3 for Android relies on a four-digit passcode, which makes it easier for attackers to obtain access. | 7.5 |
| 2018-08-23 | CVE-2018-15748 | Weak Password Requirements vulnerability in Dell products On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65, and Network Firmware Version V4.02.15(2335dn MFP) 11-22-2010, the admin interface allows an authenticated attacker to retrieve the configured SMTP or LDAP password by viewing the HTML source code of the Email Settings webpage. | 8.8 |
| 2018-06-28 | CVE-2018-12925 | Weak Password Requirements vulnerability in Lantronix MSS Firmware Baseon Lantronix MSS devices do not require a password for TELNET access. | 9.8 |
| 2018-05-02 | CVE-2018-1101 | Weak Password Requirements vulnerability in Redhat Ansible Tower Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. | 7.2 |
| 2018-05-02 | CVE-2017-1601 | Weak Password Requirements vulnerability in IBM Security Guardium Database Activity Monitor IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 9.8 |
| 2018-03-16 | CVE-2018-1000134 | Weak Password Requirements vulnerability in Pingidentity Ldapsdk UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty password when running in synchronous mode. | 9.8 |
| 2018-03-10 | CVE-2018-6312 | Weak Password Requirements vulnerability in Foxconn Ap-Fc4064-T Firmware Apgtb385.8.3Lb15W47Lte A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. | 7.2 |