CVE-2023-34240

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-521
View all →

Vulnerability Description

Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong passwords. This vulnerability has been fixed in version 1.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Related Vulnerabilities

CVE-2017-1196

CRITICAL
CVSS:9.8(Critical)

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: ...

CWE-5212017

CVE-2017-1221

CRITICAL
CVSS:9.8(Critical)

IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force I...

CWE-5212017

CVE-2017-12861

CRITICAL
CVSS:9.8(Critical)

The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only th...

CWE-5212017

CVE-2017-14189

CRITICAL
CVSS:9.8(Critical)

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password.

CWE-5212017

CVE-2017-1601

CRITICAL
CVSS:9.8(Critical)

IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compro...

CWE-5212017

CVE-2017-18857

CRITICAL
CVSS:9.8(Critical)

The NETGEAR Insight application before 2.42 for Android and iOS is affected by password mismanagement.

CWE-5212017