Authentication Bypass Issues
Weakness ID: 592 (Weakness Class) | Status: Incomplete
Description Summary
The software does not properly perform authentication, allowing it to be bypassed through various methods.

Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Class | 287 | Improper Authentication | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ChildOf | Category | 724 | OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 288 | Authentication Bypass Using an Alternate Path or Channel | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 289 | Authentication Bypass by Alternate Name | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 290 | Authentication Bypass by Spoofing | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 294 | Authentication Bypass by Capture-replay | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 302 | Authentication Bypass by Assumed-Immutable Data | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 305 | Authentication Bypass by Primary Weakness | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 593 | Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created | Development Concepts (primary) 699; Research Concepts 1000 |
PeerOf | Weakness Base | 603 | Use of Client-Side Authentication | Research Concepts 1000 |

Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
OWASP Top Ten 2004 | A3 | CWE More Specific | Broken Authentication and Session Management |

CAPEC-ID | Attack Pattern Name | (CAPEC Version: 1.4) |
---|---|---|
115 | Authentication Bypass |