CWE-255: Credentials Management Errors
ID
CWE-255
Status
Draft
Number of CVEs
755
Weaknesses in this category are related to the management of credentials.
Relationships
View | Weakness | ||||||
---|---|---|---|---|---|---|---|
# ID | Name | # ID | Name | Abstraction | Structure | Status | |
CWE-699 | Software Development | CWE-256 | Plaintext Storage of a Password | Base | Simple | Incomplete | |
CWE-699 | Software Development | CWE-257 | Storing Passwords in a Recoverable Format | Base | Simple | Incomplete | |
CWE-699 | Software Development | CWE-260 | Password in Configuration File | Base | Simple | Incomplete | |
CWE-699 | Software Development | CWE-261 | Weak Encoding for Password | Base | Simple | Incomplete | |
CWE-699 | Software Development | CWE-262 | Not Using Password Aging | Base | Simple | Draft | |
CWE-699 | Software Development | CWE-263 | Password Aging with Long Expiration | Base | Simple | Draft | |
CWE-699 | Software Development | CWE-324 | Use of a Key Past its Expiration Date | Base | Simple | Draft | |
CWE-699 | Software Development | CWE-521 | Weak Password Requirements | Base | Simple | Draft | |
CWE-699 | Software Development | CWE-523 | Unprotected Transport of Credentials | Base | Simple | Incomplete | |
CWE-699 | Software Development | CWE-549 | Missing Password Field Masking | Base | Simple | Draft | |
CWE-699 | Software Development | CWE-620 | Unverified Password Change | Base | Simple | Draft | |
CWE-699 | Software Development | CWE-640 | Weak Password Recovery Mechanism for Forgotten Password | Base | Simple | Incomplete | |
CWE-699 | Software Development | CWE-798 | Use of Hard-coded Credentials | Base | Simple | Draft | |
CWE-699 | Software Development | CWE-916 | Use of Password Hash With Insufficient Computational Effort | Base | Simple | Incomplete | |
CWE-699 | Software Development | CWE-1392 | Use of Default Credentials | Base | Simple | Incomplete |
CVEs Published
CVSS Severity
CVSS Severity - By Year
CVSS Base Score
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |
Loading...