This category identifies Software Fault Patterns (SFPs) within the Faulty Endpoint Authentication cluster (SFP29).
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | V | 888 | Software Fault Pattern (SFP) Clusters |
| HasMember | Allowed | B | 551 | Incorrect Behavior Order: Authorization Before Parsing and Canonicalization |
| HasMember | Allowed | V | 293 | Using Referer Field for Authentication |
| HasMember | Allowed | B | 302 | Authentication Bypass by Assumed-Immutable Data |
| HasMember | Discouraged | C | 345 | Insufficient Verification of Data Authenticity |
| HasMember | Allowed-with-Review | C | 346 | Origin Validation Error |
| HasMember | Allowed | V | 350 | Reliance on Reverse DNS Resolution for a Security-Critical Action |
| HasMember | Allowed | B | 360 | Trust of System Event Data |
| HasMember | Allowed | B | 565 | Reliance on Cookies without Validation and Integrity Checking |
| HasMember | Allowed | V | 647 | Use of Non-Canonical URL Paths for Authorization Decisions |
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
See member weaknesses of this category.
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|