CWE
Home > CWE List > CWE- Individual Dictionary Definition (1.6)  

CWE-255: Credentials Management

 
Credentials Management
Category ID: 255 (Category)Status: Draft
+ Description

Description Summary

Weaknesses in this category are related to the management of credentials.
+ Applicable Platforms

Languages

All

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory254Security Features
Development Concepts (primary)699
ChildOfCategoryCategory724OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base259Hard-Coded Password
Development Concepts (primary)699
ParentOfWeakness VariantWeakness Variant261Weak Cryptography for Passwords
Development Concepts (primary)699
ParentOfWeakness VariantWeakness Variant262Not Using Password Aging
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base263Password Aging with Long Expiration
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base521Weak Password Requirements
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base522Insufficiently Protected Credentials
Development Concepts (primary)699
ParentOfWeakness VariantWeakness Variant549Missing Password Field Masking
Development Concepts (primary)699
ParentOfWeakness VariantWeakness Variant620Unverified Password Change
Development Concepts699
MemberOfViewView635Weaknesses Used by NVD
Weaknesses Used by NVD (primary)635
ParentOfWeakness BaseWeakness Base640Weak Password Recovery Mechanism for Forgotten Password
Development Concepts (primary)699
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
OWASP Top Ten 2004A3CWE More SpecificBroken Authentication and Session Management
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings
Page Last Updated: October 29, 2009