CWE 255

Credentials Management

Category ID: 255 (Category)

Status: Draft

Description

Description Summary

Weaknesses in this category are related to the management of credentials.

Applicable Platforms

Languages

All

Relationships

Nature	Type	ID	Name	View(s) this relationship pertains to
ChildOf	Category	254	Security Features	Development Concepts (primary)699
ChildOf	Category	724	OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management	Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOf	Weakness Variant	261	Weak Cryptography for Passwords	Development Concepts (primary)699
ParentOf	Weakness Variant	262	Not Using Password Aging	Development Concepts (primary)699
ParentOf	Weakness Base	263	Password Aging with Long Expiration	Development Concepts (primary)699
ParentOf	Weakness Base	521	Weak Password Requirements	Development Concepts (primary)699
ParentOf	Weakness Base	522	Insufficiently Protected Credentials	Development Concepts (primary)699
ParentOf	Weakness Variant	549	Missing Password Field Masking	Development Concepts (primary)699
ParentOf	Weakness Variant	620	Unverified Password Change	Development Concepts699
ParentOf	Weakness Base	640	Weak Password Recovery Mechanism for Forgotten Password	Development Concepts (primary)699
ParentOf	Weakness Base	798	Use of Hard-coded Credentials	Development Concepts (primary)699
MemberOf	View	635	Weaknesses Used by NVD	Weaknesses Used by NVD (primary)635

Taxonomy Mappings

Mapped Taxonomy Name	Node ID	Fit	Mapped Node Name
OWASP Top Ten 2004	A3	CWE More Specific	Broken Authentication and Session Management

Content History

Modifications
Modification Date	Modifier	Organization	Source
2008-09-08	CWE Content Team	MITRE	Internal
2008-09-08	updated Relationships, Taxonomy Mappings

Copyright Security-Database 2006-2023 - Powered by themself ;) in 0.0152s

Facebook rss twitter linkedin mail