CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.10)  
ID

CWE CATEGORY: SFP Secondary Cluster: Insecure Authentication Policy

Category ID: 951
Status: Incomplete
+ Description

Description Summary

This category identifies Software Fault Patterns (SFPs) within the Insecure Authentication Policy cluster.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory898SFP Primary Cluster: Authentication
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness VariantWeakness Variant262Not Using Password Aging
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness BaseWeakness Base263Password Aging with Long Expiration
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness BaseWeakness Base521Weak Password Requirements
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness VariantWeakness Variant556ASP.NET Misconfiguration: Use of Identity Impersonation
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness BaseWeakness Base613Insufficient Session Expiration
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness BaseWeakness Base645Overly Restrictive Account Lockout Mechanism
Software Fault Pattern (SFP) Clusters (primary)888
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2014-07-29Internal CWE Team

More information is available — Please select a different filter.
Page Last Updated: January 11, 2017