CWE-254
52 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-254page 2 of 2
- CVE-2021-40006MEDIUMCVSS 4.6EG 4.62022-01-10
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2021-43177MEDIUMCVSS 5.3EG 5.32022-04-11
As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password (OTP) for one (and only one) immediately trailing interval. CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR…
Map vulnerabilities like CWE-254 to your infrastructure
EchelonGraph correlates every CVE — across CWE-254 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →