Credentials Management
Category ID: 255 (Category)Status: Draft
+ Description

Description Summary

Weaknesses in this category are related to the management of credentials.
+ Applicable Platforms



+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory254Security Features
Development Concepts (primary)699
ChildOfCategoryCategory724OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant261Weak Cryptography for Passwords
Development Concepts (primary)699
ParentOfWeakness VariantWeakness Variant262Not Using Password Aging
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base263Password Aging with Long Expiration
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base521Weak Password Requirements
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base522Insufficiently Protected Credentials
Development Concepts (primary)699
ParentOfWeakness VariantWeakness Variant549Missing Password Field Masking
Development Concepts (primary)699
ParentOfWeakness VariantWeakness Variant620Unverified Password Change
Development Concepts699
ParentOfWeakness BaseWeakness Base640Weak Password Recovery Mechanism for Forgotten Password
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base798Use of Hard-coded Credentials
Development Concepts (primary)699
MemberOfViewView635Weaknesses Used by NVD
Weaknesses Used by NVD (primary)635
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
OWASP Top Ten 2004A3CWE More SpecificBroken Authentication and Session Management
+ Content History
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings