CWE-521 - Weak Password Requirements

Description

The task of authentication mechanism consists in control and requirement to make the passwords more complete. Under the influence of the weakness mechanism doesn't demand strong passwords that makes the field of guessing combination smaller. It allows attackers to learn password and access user's accounts or obtain potentially sensitive information.
The weakness is introduced during Architecture and Design, Implementation stages.

Latest vulnerabilities for CWE-521

Multiple vulnerabilities in Bosch Remote Programing Software 2024-03-13
Medium Yes

Multiple vulnerabilities in IBM Engineering Requirements Management DOORS/DWA 2024-03-04
Critical Yes

Multiple vulnerabilities in IBM QRadar Suite software 2024-03-03
Medium Yes

Weak password requirements in IBM Sterling Order Management 2023-10-24
Medium Yes

Multiple vulnerabilities in OPTO 22 SNAP PAC S1 2023-08-28
Medium No

Multiple vulnerabilities in SAP Commerce 2023-08-09
Medium Yes

Multiple vulnerabilities in Apache InLong 2023-08-01
High Yes

Multiple vulnerabilities in PiiGAB M-Bus 2023-07-07
High Yes

Multiple vulnerabilities in Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series, EtherNet/IP Modules and EtherNet/IP 2023-06-07
Medium No

Privilege escalation in fwupd 2023-05-09
Low Yes

References

Description of CWE-521 on Mitre website