CWE-262— Not Using Password Aging

5 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-262page 1 of 1

CVE-2022-22767HIGHCVSS 8.8EG 8.8
2022-06-02
Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these credentials. There may be scenarios where BD Pyxis™ products are installed with the same default local operating system cred…
CVE-2023-1555LOWCVSS 2.7EG 2.7
2023-09-01
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A namespace-level banned user can access the API.
CVE-2023-2022MEDIUMCVSS 4.3EG 4.3
2023-08-02
An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to developers being able to create pipeli…
CVE-2025-58435MEDIUMCVSS 4.1EG 0.0
2025-09-09
Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 and 4.0.7, noVNC interactive applications did not correctly rotate the password when TurboVNC was higher than version 3.1.2. The likelihood of exploitation is low as a us…
CVE-2025-60010MEDIUMCVSS 5.4EG 5.4
2025-10-09
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices al…

Map vulnerabilities like CWE-262 to your infrastructure

EchelonGraph correlates every CVE — across CWE-262 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →