CWE - CWE-592: Authentication Bypass Issues (Draft 9)

Home > CWE List > CWE-592 Individual Dictionary Definition (Draft 9)

CWE-592 Individual Dictionary Definition (Draft 9)

Weakness ID

Status: Incomplete

592 (Weakness Class)

Description

Summary

The software does not properly perform authentication, allowing it to be bypassed through various methods.

Relationships

Nature	Type	ID	Name
ChildOf	Weakness Class	287	Insufficient Authentication
ParentOf	Weakness Variant	288	Authentication Bypass by Alternate Path/Channel
ParentOf	Weakness Variant	289	Authentication Bypass by Alternate Name
ParentOf	Weakness Base	290	Authentication Bypass by Spoofing
ParentOf	Weakness Base	294	Authentication Bypass by Capture-replay
ParentOf	Weakness Variant	302	Authentication Bypass by Assumed-Immutable Data
ParentOf	Weakness Base	305	Authentication Bypass by Primary Weakness
ParentOf	Weakness Variant	593	Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
PeerOf	Weakness Base	603	Use of Client-Side Authentication

Page Last Updated: April 22, 2008


	CWE is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is hosted by The MITRE Corporation. Copyright 2008, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation. Contact cwe@mitre.org for more information.	Privacy policy Terms of use Contact us