VYPR

CWE-263

Password Aging with Long Expiration

BaseDraftLikelihood: Low

Description

The product supports password aging, but the expiration period is too long.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-16 · CAPEC-49 · CAPEC-509 · CAPEC-55 · CAPEC-555 · CAPEC-560 · CAPEC-561 · CAPEC-565 · CAPEC-600 · CAPEC-652 · CAPEC-653 · CAPEC-70

CVEs mapped to this weakness (2)

  • CVE-2023-1976Apr 11, 2023
    risk 0.00cvss epss 0.01

    Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6.

  • CVE-2011-4287Jul 16, 2012
    risk 0.00cvss epss 0.02

    admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user.