Incorrect Implementation of Authentication Algorithm |
Weakness ID: 303 (Weakness Base) | Status: Draft |
Description Summary
Extended Description
This incorrect implementation may allow authentication to be bypassed.
Reference | Description |
---|---|
CVE-2003-0750 | Conditional should have been an 'or' not an 'and'. |
Nature | Type | ID | Name | View(s) this relationship pertains to![]() |
---|---|---|---|---|
ChildOf | ![]() | 287 | Improper Authentication | Development Concepts (primary)699 Research Concepts (primary)1000 |
CAPEC-ID | Attack Pattern Name | (CAPEC Version: 1.4) |
---|---|---|
90 | Reflection Attack in Authentication Protocol |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
PLOVER | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Relationships, Taxonomy Mappings | ||||
2008-10-14 | CWE Content Team | MITRE | Internal | |
updated Description | ||||
2009-05-27 | CWE Content Team | MITRE | Internal | |
updated Description, Name | ||||
Previous Entry Names | ||||
Change Date | Previous Entry Name | |||
2008-04-11 | Authentication Logic Error | |||
2009-05-27 | Improper Implementation of Authentication Algorithm | |||
Security-Database help your corporation foresee and avoid any security risks that may impact your IT infrastructure and business applications.