CWE-309
Use of Password System for Primary Authentication
BaseDraftLikelihood: High
Description
The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-16 · CAPEC-49 · CAPEC-509 · CAPEC-55 · CAPEC-555 · CAPEC-560 · CAPEC-561 · CAPEC-565 · CAPEC-600 · CAPEC-652 · CAPEC-653 · CAPEC-70
CVEs mapped to this weakness (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-41113 | 0.00 | — | 0.01 | Oct 5, 2021 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site-request-forgery. The… |
- CVE-2021-41113Oct 5, 2021risk 0.00cvss —epss 0.01
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site-request-forgery. The…