CWE-309 - Use of Password System for Primary Authentication

Abstraction:Base
Structure:Simple
Status:Draft

Release Date:2006-07-19
Latest Modification Date:2023-06-29

Weakness Name

Use of Password System for Primary Authentication

Description

The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.

Common Consequences

Scope: Access Control

Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity

Notes: A password authentication mechanism error will almost always result in attackers being authorized as valid users.

CWE-309 - Use of Password System for Primary Authentication

Weakness Name

Description

Common Consequences

Related Weaknesses

Top Security News

Top CVE List

Top Alert List

Top CWE List