Weak configurations refer to suboptimal or insecure settings applied to systems, applications, or network components. These vulnerabilities arise when administrators or users fail to implement proper security configurations, leaving systems exposed to potential attacks. Common examples include using default or easily guessable passwords, leaving unnecessary services enabled, or misconfiguring access controls.