CWE CATEGORY: OWASP Top Ten 2017 Category A2 - Broken Authentication
Category ID: 1028
Vulnerability Mapping: Prohibited
Status: Incomplete
▼Summary

Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2017.

▼Membership
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | View | 1026 | Weaknesses in OWASP Top Ten (2017) |
| HasMember | Allowed | Base | 256 | Plaintext Storage of a Password |
| HasMember | Discouraged | Class | 287 | Improper Authentication |
| HasMember | Allowed | Base | 308 | Use of Single-factor Authentication |
| HasMember | Allowed | Compound | 384 | Session Fixation |
| HasMember | Allowed-with-Review | Class | 522 | Insufficiently Protected Credentials |
| HasMember | Allowed | Base | 523 | Unprotected Transport of Credentials |
| HasMember | Allowed | Base | 613 | Insufficient Session Expiration |
| HasMember | Allowed | Base | 620 | Unverified Password Change |
| HasMember | Allowed-with-Review | Base | 640 | Weak Password Recovery Mechanism for Forgotten Password |
▼Vulnerability Mapping Notes
Usage: Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comments:

See member weaknesses of this category.

▼References
Reference ID: REF-957
Title: Top 10 2017
Version: v4.15
Publisher: OWASP
URL: https://owasp.org/www-pdf-archive/OWASP_Top_10-2017_%28en%29.pdf.pdf
Date: 2017-04-12