CWE-262 6 件の CVE MITRE の定義 ↗

CWE-262: Not Using Password Aging

概要

CWE-262(Not Using Password Aging)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

セキュリティへの影響
セキュリティ影響:製品や文脈に依存します。CVE 記録、深刻度、MITRE の説明を参照して優先度を判断してください。

説明

The product does not have a mechanism in place for managing password aging.

適用プラットフォーム

種別 名称 クラス 普遍性 OS / CPE
language Not Language-Specific Undetermined

このデータベースの関連 CVE

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE 公開 概要
CVE-2026-50101 2026-06-12 Naxclow devices use a server-side, per-device relay credential that never rotates and is re-issued to the device on each boot. Because this credential remains valid indefinitely and cannot be reset or…
CVE-2025-60010 2025-10-09 A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the require…
CVE-2025-58435 2025-09-09 Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 and 4.0.7, noVNC interactive applications did not correctly rotate the password when TurboVNC was higher than version 3.1.2. The li…
CVE-2023-1555 2023-09-01 An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A namespac…
CVE-2023-2022 2023-08-02 An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to…
CVE-2022-22767 2022-06-02 Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these credentials. There may be scenarios where BD Pyxis™ products are installed with the same …

旧名称

  • Not Allowing Password Aging (2008-04-11)

コンテンツ投稿

名称
CLASP
日付
2006-07-19
バージョン
Draft 3

コンテンツの変更履歴

日付 名称 バージョン 重要度 コメント
2008-09-08 CWE Content Team 1.0 updated Common_Consequences, Relationships, Other_Notes, Taxonomy_Mappings
2011-03-29 CWE Content Team 1.12 updated Relationships
2011-06-01 CWE Content Team 1.13 updated Common_Consequences
2011-06-27 CWE Content Team 2.0 updated Common_Consequences
2012-05-11 CWE Content Team 2.2 updated References, Relationships
2014-06-23 CWE Content Team 2.7 updated Other_Notes, Potential_Mitigations
2014-07-30 CWE Content Team 2.8 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Applicable_Platforms, Likelihood_of_Exploit, Modes_of_Introduction, Relationships
2020-02-24 CWE Content Team 4.0 updated Demonstrative_Examples, Description, Potential_Mitigations, References, Type
2020-08-20 CWE Content Team 4.2 updated Related_Attack_Patterns
2022-10-13 CWE Content Team 4.9 updated Description, Potential_Mitigations, References, Relationships
2023-04-27 CWE Content Team 4.11 updated References, Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-09-09 CWE Content Team 4.18 updated References
2025-12-11 CWE Content Team 4.19 updated Weakness_Ordinalities

貢献

タイプ 名称 日付 コメント
Feedback Kurt Seifried, Chris Eng, G. Ann Campbell, Larry Shields, Jeffrey Walton, Jason Dryhurst-Smith, and other members of the CWE Community 2021-12-03 Gave feedback on how to update CWE-262 and CWE-263 due to changing password management practices
cvelogic Threat Intelligence