CWE-523 - Unprotected Transport of Credentials
CWE-523
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Unprotected Transport of Credentials
- Description
Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server.
- Common Consequences
Scope: Access Control
Impact: Gain Privileges or Assume Identity
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website