CWE 719

OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage

Category ID: 719 (Category)

Status: Incomplete

Description

Description Summary

Weaknesses in this category are related to the A8 category in the OWASP Top Ten 2007.

Relationships

Nature	Type	ID	Name	View(s) this relationship pertains to
ParentOf	Weakness Base	311	Missing SecurityDatabase\Encrypt\Encryption of Sensitive Data	Weaknesses in OWASP Top Ten (2007) (primary)629
ParentOf	Weakness Base	321	Use of Hard-coded Cryptographic Key	Weaknesses in OWASP Top Ten (2007) (primary)629
ParentOf	Weakness Base	325	Missing Required Cryptographic Step	Weaknesses in OWASP Top Ten (2007) (primary)629
ParentOf	Weakness Class	326	Inadequate SecurityDatabase\Encrypt\Encryption Strength	Weaknesses in OWASP Top Ten (2007) (primary)629
MemberOf	View	629	Weaknesses in OWASP Top Ten (2007)	Weaknesses in OWASP Top Ten (2007) (primary)629

Related Attack Patterns

CAPEC-ID	Attack Pattern Name	(CAPEC Version: 1.4)
97	Cryptanalysis
20	SecurityDatabase\Encrypt\Encryption Brute Forcing
55	Rainbow Table Password Cracking
59	Session Credential Falsification through Prediction
65	Passively Sniff and Capture Application Code Bound for Authorized Client

References

OWASP. "Top 10 2007-Insecure Cryptographic Storage". 2007. <http://www.owasp.org/index.php/Top_10_2007-A8>.

Content History

Submissions
Submission Date	Submitter	Organization	Source
2008-09-09		MITRE	Internal CWE Team
2008-09-09
Modifications
Modification Date	Modifier	Organization	Source
2009-12-28	CWE Content Team	MITRE	Internal
2009-12-28	updated Related Attack Patterns