CWE-347 - Improper Verification of Cryptographic Signature

CWE-347

Abstraction:
Base

Structure:
Simple

Status:
Draft

Weakness Name: Improper Verification of Cryptographic Signature

Description: The product does not verify, or incorrectly verifies, the cryptographic signature for data.

Common Consequences: Scope: Access Control, Integrity, Confidentiality
Impact: Gain Privileges or Assume Identity, Modify Application Data, Execute Unauthorized Code or Commands
Notes: An attacker could gain access to sensitive data and possibly execute unauthorized code.

Related Weaknesses: CWE-345Insufficient Verification of Data Authenticity

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard