VYPR

CWE-309

Use of Password System for Primary Authentication

BaseDraftLikelihood: High

Description

The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-16 · CAPEC-49 · CAPEC-509 · CAPEC-55 · CAPEC-555 · CAPEC-560 · CAPEC-561 · CAPEC-565 · CAPEC-600 · CAPEC-652 · CAPEC-653 · CAPEC-70

CVEs mapped to this weakness (1)

  • CVE-2021-41113Oct 5, 2021
    risk 0.00cvss epss 0.01

    TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site-request-forgery. The…