CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE Individual Dictionary Definition (2.7)


CWE-812: OWASP Top Ten 2010 Category A3 - Broken Authentication and Session Management

 
Category ID: 812 (Category)
Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to the A3 category in the OWASP Top Ten 2010.
+ Relationships
| Nature | Type | ID | Name | View(s) this relationship pertains to |
|---|---|---|---|---|
| ParentOf | Weakness Class | 287 | Improper Authentication | Weaknesses in OWASP Top Ten (2010) (primary) 809 |
| ParentOf | Weakness Variant | 306 | Missing Authentication for Critical Function | Weaknesses in OWASP Top Ten (2010) (primary) 809 |
| ParentOf | Weakness Base | 307 | Improper Restriction of Excessive Authentication Attempts | Weaknesses in OWASP Top Ten (2010) (primary) 809 |
| ParentOf | Weakness Base | 798 | Use of Hard-coded Credentials | Weaknesses in OWASP Top Ten (2010) (primary) 809 |
| MemberOf | View | 809 | Weaknesses in OWASP Top Ten (2010) | Weaknesses in OWASP Top Ten (2010) (primary) 809 |
+ References
OWASP. "Top 10 2010-A3-Broken Authentication and Session Management". <http://www.owasp.org/index.php/Top_10_2010-A3-Broken_Authentication_and_Session_Management>.
+ Content History
Submissions

| Submission Date | Submitter | Organization | Source |
|---|---|---|---|
| 2010-06-17 | | MITRE | Internal CWE Team |

Modifications

| Modification Date | Modifier | Organization | Source |
|---|---|---|---|
| 2011-09-13 | | MITRE | Internal |

updated Relationships
Page Last Updated: June 23, 2014