A CWE-640: Weak Password Recovery Mechanism for Forgotten...
Critical severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Nov 24, 2024
Description
Published by the National Vulnerability Database
Jun 11, 2021
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Nov 24, 2024
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to a device.
References