CWE-255: Credentials Management Errors

ID CWE-255

Status Draft

Number of CVEs 755

Weaknesses in this category are related to the management of credentials.

Relationships

View		Weakness
# ID	Name	# ID	Name	Abstraction	Structure	Status
CWE-699	Software Development	CWE-256	Plaintext Storage of a Password	Base	Simple	Incomplete
CWE-699	Software Development	CWE-257	Storing Passwords in a Recoverable Format	Base	Simple	Incomplete
CWE-699	Software Development	CWE-260	Password in Configuration File	Base	Simple	Incomplete
CWE-699	Software Development	CWE-261	Weak Encoding for Password	Base	Simple	Incomplete
CWE-699	Software Development	CWE-262	Not Using Password Aging	Base	Simple	Draft
CWE-699	Software Development	CWE-263	Password Aging with Long Expiration	Base	Simple	Draft
CWE-699	Software Development	CWE-324	Use of a Key Past its Expiration Date	Base	Simple	Draft
CWE-699	Software Development	CWE-521	Weak Password Requirements	Base	Simple	Draft
CWE-699	Software Development	CWE-523	Unprotected Transport of Credentials	Base	Simple	Incomplete
CWE-699	Software Development	CWE-549	Missing Password Field Masking	Base	Simple	Draft
CWE-699	Software Development	CWE-620	Unverified Password Change	Base	Simple	Draft
CWE-699	Software Development	CWE-640	Weak Password Recovery Mechanism for Forgotten Password	Base	Simple	Incomplete
CWE-699	Software Development	CWE-798	Use of Hard-coded Credentials	Base	Simple	Draft
CWE-699	Software Development	CWE-916	Use of Password Hash With Insufficient Computational Effort	Base	Simple	Incomplete
CWE-699	Software Development	CWE-1392	Use of Default Credentials	Base	Simple	Incomplete

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date