CWE 718

OWASP Top Ten 2007 Category A7 - Broken Authentication and Session Management

Category ID: 718 (Category)

Status: Incomplete

Description

Description Summary

Weaknesses in this category are related to the A7 category in the OWASP Top Ten 2007.

Relationships

Nature	Type	ID	Name	View(s) this relationship pertains to
ParentOf	Weakness Class	287	Improper Authentication	Weaknesses in OWASP Top Ten (2007) (primary)629
ParentOf	Weakness Variant	301	Reflection Attack in an Authentication Protocol	Weaknesses in OWASP Top Ten (2007) (primary)629
ParentOf	Weakness Base	522	Insufficiently Protected Credentials	Weaknesses in OWASP Top Ten (2007) (primary)629
MemberOf	View	629	Weaknesses in OWASP Top Ten (2007)	Weaknesses in OWASP Top Ten (2007) (primary)629

Related Attack Patterns

CAPEC-ID	Attack Pattern Name	(CAPEC Version: 1.4)
50	Password Recovery Exploitation
90	Reflection Attack in Authentication Protocol

References

OWASP. "Top 10 2007-Broken Authentication and Session Management". 2007. <http://www.owasp.org/index.php/Top_10_2007-A7>.

Content History

Submissions
Submission Date	Submitter	Organization	Source
2008-09-09		MITRE	Internal CWE Team
2008-09-09
Modifications
Modification Date	Modifier	Organization	Source
2009-12-28	CWE Content Team	MITRE	Internal
2009-12-28	updated Related Attack Patterns