CWE-309 - Use of Password System for Primary Authentication
CWE-309 High
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Use of Password System for Primary Authentication
- Description
The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.
- Common Consequences
Scope: Access Control
Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity
Notes: A password authentication mechanism error will almost always result in attackers being authorized as valid users.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website