CWE-358 - Improperly Implemented Security Check for Standard

CWE ID:

CWE-358

Abstraction:Base
Structure:Simple
Status:Draft

Release Date:2006-07-19
Latest Modification Date:2023-06-29

Weakness Name

Improperly Implemented Security Check for Standard

Description

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

Common Consequences

Scope: Access Control

Impact: Bypass Protection Mechanism

Related Weaknesses

CWE-290Authentication Bypass by Spoofing

CWE-345Insufficient Verification of Data Authenticity

CWE-573Improper Following of Specification by Caller

CWE-693Protection Mechanism Failure

Latest Security News

Latest CVE List

Common Alerts

HighSource Code Disclosure - CVE-2012-1823
HighSQL Injection - PostgreSQL
InformationalBase64 Disclosure in WebSocket message
HighCORS Misconfiguration
HighLDAP Injection
MediumCSP: Malformed Policy (Non-ASCII)
HighServer Side Code Injection - ASP Code Injection
LowOld Asp.Net Version in Use
MediumHidden File Found
MediumHTTP to HTTPS Insecure Transition in Form Post