CWE-290 - Authentication Bypass by Spoofing

CWE-290

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Authentication Bypass by Spoofing

Description: This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Common Consequences: Scope: Access Control
Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity
Notes: This weakness can allow an attacker to access resources which are not otherwise accessible without proper authentication.

Related Weaknesses

CWE-287Improper AuthenticationHigh

CWE-1390Weak Authentication

Release Date:
2006-07-19

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard