1. Home
  2. Weaknesses
  3. CWE-13

CWE-13: ASP.NET Misconfiguration: Password in Configuration File

ID CWE-13
Abstraction Variant
Structure Simple
Status Draft
Detail Web & Social
Storing a plaintext password in a configuration file allows anyone who can read the file access to the password-protected resource making them an easy target for attackers.

Modes of Introduction

Phase Note
Architecture and Design
Implementation

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-260 Password in Configuration File Base Simple Incomplete