CAPEC Related Weakness
Session Sidejacking
CWE-294Authentication Bypass by Capture-replay
CWE-319Cleartext Transmission of Sensitive Information
CWE-522Insufficiently Protected Credentials
CWE-523Unprotected Transport of Credentials
CWE-614Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Interception
CWE-319Cleartext Transmission of Sensitive Information
Harvesting Information via API Event Monitoring
CWE-311Missing Encryption of Sensitive Data
CWE-319Cleartext Transmission of Sensitive Information
CWE-419Unprotected Primary Channel
CWE-602Client-Side Enforcement of Server-Side Security
Signature Spoofing by Mixing Signed and Unsigned Content
CWE-311Missing Encryption of Sensitive Data
CWE-319Cleartext Transmission of Sensitive Information
CWE-693Protection Mechanism Failure
Sniff Application Code
CWE-311Missing Encryption of Sensitive Data
CWE-318Cleartext Storage of Sensitive Information in Executable
CWE-319Cleartext Transmission of Sensitive Information
CWE-693Protection Mechanism Failure
CWE-719OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage
Back to Top