This CWE category focuses on weaknesses related to the administration of authorization. Explore various weaknesses like plaintext password storage, weak encoding, and more.

CWE-635: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-699: Software Development Weaknesses

CWE-724: Vulnerabilities in OWASP Top Ten (2004)

CWE-1353: Identification and Authentication Failures

CWE-256: Passwords in Memory to Plaintext Storage

CWE-257: Storing Passwords In a Recoverable Format

CWE-260: Passwords Not Stored Safely

CWE-261: Weak Cryptographic Algorithms

CWE-262: Vulnerability Mapping Notes and Content History

CWE-263: Password Aging With Long Expiration

CWE-324: Weak Cryptography in SFP Secondary Cluster

CWE-521: Weak Password Requirements

CWE-523: Weak Password Requirements

CWE-549: SFP Secondary Cluster: Feature

CWE-620: Weak Password Recovery Mechanism for Forgotten Password

CWE-640: Weak Password Recovery Mechanism

CWE-798: Vulnerability in Authentication Mechanisms

CWE-916: Proper Use of Adaptive Hash Functions in Architecture and Design

CWE-1392: Comprehensive Categorization: Access Control

Discover vulnerabilities in authorization administration with CWE-255. Learn about plaintext password storage, weak password requirements, and other related weaknesses.

Common Weakness Enumeration 255: Authorization Administration Weaknesses

The weaknesses in this particular category pertain to the administration of authorization.

CWE-255: Authorization Administration Weaknesses

CWE-255: Authorization Administration Weaknesses

Summary

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CWE-255: Authorization Administration Weaknesses

Summary

Is your System Free of Underlying Vulnerabilities? Find Out Now

Is your System Free of Underlying Vulnerabilities?
Find Out Now