logo

CWE-309 - Use of Password System for Primary Authentication

CWE-309 High

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Use of Password System for Primary Authentication

Description

The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.

Common Consequences

Scope: Access Control

Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity

Notes: A password authentication mechanism error will almost always result in attackers being authorized as valid users.

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website