1. Home
  2. Weaknesses
  3. CWE-258

CWE-258: Empty Password in Configuration File

ID CWE-258
Abstraction Variant
Structure Simple
Status Incomplete
Number of CVEs 7
Detail Dashboard Vulnerabilities Web & Social
Using an empty string as a password is insecure.

Modes of Introduction

Phase Note
Architecture and Design
Implementation REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Operation

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-260 Password in Configuration File Base Simple Incomplete
CWE-1000 Research Concepts Draft CWE-521 Weak Password Requirements Base Simple Draft

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date