2022年1月14日11:40:36评论45 views字数 547阅读1分49秒阅读模式

Category-947: SFP Secondary Cluster: Authentication Bypass

ID: 947
Status: Incomplete

Summary

This category identifies Software Fault Patterns (SFPs) within the Authentication Bypass cluster.

Membership

ID	NAME
CWE-287	认证机制不恰当
CWE-288	使用候选路径或通道进行的认证绕过
CWE-289	使用候选名称进行的认证绕过
CWE-303	认证算法的不正确实现
CWE-304	认证中关键步骤缺失
CWE-305	使用基本弱点进行的认证绕过
CWE-308	使用单一因素认证机制
CWE-309	使用口令系统作为基本认证机制
CWE-603	使用客户端的认证机制

文章来源于互联网:scap中文网

相关推荐: View-734: Weaknesses Addressed by the CERT C Secure Coding Standard (2008)

View-734: Weaknesses Addressed by the CERT C Secure Coding Standard (2008) ID: 734 Type: Graph Status: Obsolete Objective CWE entr…

特别标注: 本站(CN-SEC.COM)所有文章仅供技术研究，若将其信息做其他用途，由用户承担全部法律及连带责任，本站不承担任何法律及连带责任，请遵守中华人民共和国安全法.

我的微信
微信扫一扫

我的微信公众号
微信扫一扫

Category-947: SFP Secondary Cluster: Authentication Bypass

Category-947: SFP Secondary Cluster: Authentication Bypass

Summary

Membership

View-999: Weaknesses without Software Fault Patterns

View-884: CWE Cross-section

View-868: Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version)

View-844: Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)

View-809: Weaknesses in OWASP Top Ten (2010)

View-800: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors

View-750: Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors

View-734: Weaknesses Addressed by the CERT C Secure Coding Standard (2008)

View-711: Weaknesses in OWASP Top Ten (2004)

View-709: Named Chains

发表评论

在线咨询

微信