CWE-930: OWASP Top Ten 2013 Category A2 - Broken Authentication and Session Management
ID
CWE-930
Status
Obsolete
Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2013.
Relationships
| View | Weakness | ||||||
|---|---|---|---|---|---|---|---|
| # ID | Name | # ID | Name | Abstraction | Structure | Status | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-256 | Plaintext Storage of a Password | Base | Simple | Incomplete | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-287 | Improper Authentication | Class | Simple | Draft | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-311 | Missing Encryption of Sensitive Data | Class | Simple | Draft | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-384 | Session Fixation | Compound | Composite | Incomplete | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-522 | Insufficiently Protected Credentials | Class | Simple | Incomplete | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-523 | Unprotected Transport of Credentials | Base | Simple | Incomplete | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-613 | Insufficient Session Expiration | Base | Simple | Incomplete | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-620 | Unverified Password Change | Base | Simple | Draft | |
| CWE-928 | Weaknesses in OWASP Top Ten (2013) | CWE-640 | Weak Password Recovery Mechanism for Forgotten Password | Base | Simple | Incomplete | |
Loading...