CWE-255
Category ID:255(Category)
Status: Draft
証明書・パスワードの管理
解説
解説要約
このカテゴリの脆弱性は、パスワード・証明書の管理に関連するものです。
該当するプラットフォーム
言語
全て
関係性
| Nature | Type | ID | Name | View(s) this relationship pertains to |
|---|---|---|---|---|
| ChildOf | Category | 254 | Security Features | Development Concepts (primary)699 |
| ChildOf | Category | 724 | OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management | Weaknesses in OWASP Top Ten (2004) (primary)711 |
| ParentOf | Weakness Variant | 261 | Weak Cryptography for Passwords | Development Concepts (primary)699 |
| ParentOf | Weakness Variant | 262 | Not Using Password Aging | Development Concepts (primary)699 |
| ParentOf | Weakness Base | 263 | Password Aging with Long Expiration | Development Concepts (primary)699 |
| ParentOf | Weakness Base | 521 | Weak Password Requirements | Development Concepts (primary)699 |
| ParentOf | Weakness Base | 522 | Insufficiently Protected Credentials | Development Concepts (primary)699 |
| ParentOf | Weakness Variant | 549 | Missing Password Field Masking | Development Concepts (primary)699 |
| ParentOf | Weakness Variant | 620 | Unverified Password Change | Development Concepts699 |
| ParentOf | Weakness Base | 640 | Weak Password Recovery Mechanism for Forgotten Password | Development Concepts (primary)699 |
| ParentOf | Weakness Base | 798 | Use of Hard-coded Credentials | Development Concepts (primary)699 |
| MemberOf | View | 635 | Weaknesses Used by NVD | Weaknesses Used by NVD (primary)635 |
他組織での分類
| 組織名または組織での分類 | ノード ID | CWEの分類との適合度 | 分類名 |
|---|---|---|---|
| OWASP Top Ten 2004 | A3 | CWEより詳細 | Broken Authentication and Session Management |
更新履歴
[2011年04月21日]
2010年10月12日時点のデータを元に更新
[2009年06月29日]
2009年02月02日時点の下記 URL を元に作成
http://cwe.mitre.org/data/definitions/255.html
登録日 2011/04/21
最終更新日 2023/04/04
