CAPEC Related Weakness
Session Sidejacking
CWE-294Authentication Bypass by Capture-replay
CWE-319Cleartext Transmission of Sensitive Information
CWE-522Insufficiently Protected Credentials
CWE-523Unprotected Transport of Credentials
CWE-614Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Signature Spoofing by Key Theft
CWE-522Insufficiently Protected Credentials
Password Recovery Exploitation
CWE-522Insufficiently Protected Credentials
CWE-640Weak Password Recovery Mechanism for Forgotten Password
CWE-718OWASP Top Ten 2007 Category A7 - Broken Authentication and Session Management
Modify Existing Service
CWE-284Improper Access Control
CWE-522Insufficiently Protected Credentials
Remote Services with Stolen Credentials
CWE-522Insufficiently Protected Credentials
Use of Known Domain Credentials
CWE-522Insufficiently Protected Credentials
Windows Admin Shares with Stolen Credentials
CWE-522Insufficiently Protected Credentials
Use of Captured Hashes (Pass The Hash)
CWE-522Insufficiently Protected Credentials
Use of Captured Tickets (Pass The Ticket)
CWE-522Insufficiently Protected Credentials
Back to Top