Search

Blog Stats Labs CLI MCP API Limits About Privacy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Blog Statistics Labs CLI Tool MCP Server API Documentation Rate Limits About Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-257

CWE-257

High likelihood

Storing Passwords in a Recoverable Format

Parent: CWE-522 - Insufficiently Protected Credentials

The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.

58 vulnerabilities with CWE-257

RustDesk Client - Info Disclosure

CVE-2026-20128 HIGH

Cisco Catalyst SD-WAN Manager - Privilege Escalation

CVE-2025-57796 MEDIUM

Explorance Blue <8.14.12 - Info Disclosure

Automated Logic WebCTRL <9.0, Carrier i-Vu <9.0 - Info Disclosure

Asseco InfoMedica - Code Injection

NetSupport Manager <14.12.0001 - Info Disclosure

CVE-2025-40774 MEDIUM

SiPass integrated < V3.0 - Info Disclosure

CVE-2025-35054 MEDIUM

Newforma Info Exchange - Privilege Escalation

CVE-2025-0280 HIGH

HCL Compass - Privilege Escalation

CVE-2025-58049 MEDIUM

XWiki Platform <16.4.8-17.4.0-rc-1 - Info Disclosure

CVE-2025-57789 MEDIUM

Default Credential - Privilege Escalation

CVE-2025-8904 HIGH

Amazon EMR <7.5 - Privilege Escalation

CVE-2025-44958 MEDIUM

RUCKUS Network Director <4.5 - Info Disclosure

CVE-2025-6996 HIGH

Ivanti Endpoint Manager <2024 SU3, 2022 SU8 SU1 - Info Disclosure

CVE-2025-6995 HIGH

Ivanti Endpoint Manager <2024 SU3, 2022 SU8 SU1 - Info Disclosure

CVE-2025-27459 MEDIUM

VNC - Info Disclosure

CVE-2024-51552 MEDIUM

ASPECT <3.* - Info Disclosure

CVE-2025-25983 LOW

Macro-video Technologies Co.,Ltd V380 Pro <2.1.64 - Info Disclosure

CVE-2024-32122 LOW

Fortinet FortiOS <7.4.8 - Info Disclosure

CVE-2025-24852 MEDIUM

CHOCO TEI WATCHER mini - Info Disclosure

SIMPLE.ERP <6.30 - Privilege Escalation

CVE-2024-32151 MEDIUM

Product with vulnerability - Info Disclosure

CVE-2024-20462 MEDIUM

Cisco ATA 190 Series - Info Disclosure

CVE-2024-45744 LOW

TopQuadrant TopBraid EDG <7.1.3 - Info Disclosure

CVE-2024-6694 LOW

WP Mail SMTP <4.0.1 - Info Disclosure

Page 1 of 3 Next

Details

Vulnerabilities 58

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy