CWE-263
Password Aging with Long Expiration
BaseDraftLikelihood: Low
Description
The product supports password aging, but the expiration period is too long.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-16 · CAPEC-49 · CAPEC-509 · CAPEC-55 · CAPEC-555 · CAPEC-560 · CAPEC-561 · CAPEC-565 · CAPEC-600 · CAPEC-652 · CAPEC-653 · CAPEC-70
CVEs mapped to this weakness (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-1976 | — | 0.00 | — | 0.01 | Apr 11, 2023 | Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6. | ||
| CVE-2011-4287 | 0.00 | — | 0.02 | Jul 16, 2012 | admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user. |
- CVE-2023-1976Apr 11, 2023risk 0.00cvss —epss 0.01
Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6.
- CVE-2011-4287Jul 16, 2012risk 0.00cvss —epss 0.02
admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user.