CWE-1353: OWASP Top Ten 2021 Category A07:2021 - Identification and Authentication Failures
ID
CWE-1353
Status
Incomplete
Weaknesses in this category are related to the A07 category "Identification and Authentication Failures" in the OWASP Top Ten 2021.
Relationships
| View | Weakness | ||||||
|---|---|---|---|---|---|---|---|
| # ID | Name | # ID | Name | Abstraction | Structure | Status | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-255 | Credentials Management Errors | Draft | |||
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-259 | Use of Hard-coded Password | Variant | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-287 | Improper Authentication | Class | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-288 | Authentication Bypass Using an Alternate Path or Channel | Base | Simple | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-290 | Authentication Bypass by Spoofing | Base | Simple | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-294 | Authentication Bypass by Capture-replay | Base | Simple | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-295 | Improper Certificate Validation | Base | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-297 | Improper Validation of Certificate with Host Mismatch | Variant | Simple | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-300 | Channel Accessible by Non-Endpoint | Class | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-302 | Authentication Bypass by Assumed-Immutable Data | Base | Simple | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-304 | Missing Critical Step in Authentication | Base | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-306 | Missing Authentication for Critical Function | Base | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-307 | Improper Restriction of Excessive Authentication Attempts | Base | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-346 | Origin Validation Error | Class | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-384 | Session Fixation | Compound | Composite | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-521 | Weak Password Requirements | Base | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-613 | Insufficient Session Expiration | Base | Simple | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-620 | Unverified Password Change | Base | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-640 | Weak Password Recovery Mechanism for Forgotten Password | Base | Simple | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-798 | Use of Hard-coded Credentials | Base | Simple | Draft | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-940 | Improper Verification of Source of a Communication Channel | Base | Simple | Incomplete | |
| CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-1216 | Lockout Mechanism Errors | Draft | |||
Loading...