Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-257

CWE-257

High likelihood

Storing Passwords in a Recoverable Format

Parent: CWE-522 - Insufficiently Protected Credentials

The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.

64 vulnerabilities with CWE-257

CVE-2024-32151 MEDIUM

Product with vulnerability - Info Disclosure

CVE-2024-20462 MEDIUM

Cisco ATA 190 Series - Info Disclosure

CVE-2024-45744 LOW

TopQuadrant TopBraid EDG <7.1.3 - Info Disclosure

CVE-2024-6694 LOW

WP Mail SMTP <4.0.1 - Info Disclosure

CVE-2024-32932 MEDIUM

Web Interface <unknown> - Info Disclosure

CVE-2024-32756 MEDIUM

Linux <version> - Info Disclosure

CVE-2024-3073 LOW

Easy WP SMTP by SendLayer - Info Disclosure

CVE-2024-32042 MEDIUM

CyberPower PowerPanel - Info Disclosure

CVE-2024-3543 MEDIUM

Reversible Password Encryption - Info Disclosure

CVE-2024-1480 HIGH

Unitronics Vision Standard - Info Disclosure

CVE-2023-42955 MEDIUM

FileMaker Server 20.3.1 - Info Disclosure

CVE-2023-38738 MEDIUM

IBM OpenPages with Watson <9.0 - Privilege Escalation

CVE-2023-31001 MEDIUM

IBM Security Verify Access - Info Disclosure

CVE-2023-5627 HIGH

NPort 6000 Series - Privilege Escalation

CVE-2023-2358 MEDIUM

Hitachi Vantara Pentaho <9.5.0.0-9.3.0.4 - Info Disclosure

CVE-2023-2881 MEDIUM

pimcore/customer-data-framework <3.3.10 - Info Disclosure

CVE-2023-31150 HIGH

SEL RTAC - Info Disclosure

CVE-2023-23382 MEDIUM

Microsoft Azure Machine Learning - Information Disclosure

CVE-2023-21726 HIGH

Windows Credential Manager - Privilege Escalation

CVE-2022-47376 HIGH

Alaris Infusion Central <1.4 - Info Disclosure

CVE-2022-32519 HIGH

Data Center Expert <7.9.0 - Info Disclosure

CVE-2022-46142 MEDIUM

Affected Devices - Info Disclosure

CVE-2022-22251 HIGH

Juniper Networks Junos OS <21.2R1 - Privilege Escalation

CVE-2022-34838 HIGH

ABB Zenon 8.20 - Info Disclosure

CVE-2022-34837 MEDIUM

ABB Zenon 8.20 - Info Disclosure

Previous Page 2 of 3 Next

Details

Vulnerabilities 64

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy