CWE-522 - Insufficiently Protected Credentials


This weakness occurs when the application transmits or stores authentication credentials and uses an insecure method that is susceptible to unauthorized interception and/or retrieval. An attacker can gain access to user accounts and access sensitive data used by the user accounts. The weakness is introduced during Architecture and Design, Implementation stages.

Latest vulnerabilities for CWE-522


Description of CWE-522 on Mitre website