logo

CWE-523 - Unprotected Transport of Credentials

CWE-523

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Unprotected Transport of Credentials

Description

Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server.

Common Consequences

Scope: Access Control

Impact: Gain Privileges or Assume Identity

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website