CAPEC Related Weakness
Sniff Application Code
CWE-311 Missing Encryption of Sensitive Data
CWE-318 Cleartext Storage of Sensitive Information in Executable
CWE-319 Cleartext Transmission of Sensitive Information
CWE-693 Protection Mechanism Failure
CWE-719 OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage
Session Credential Falsification through Prediction
CWE-6 J2EE Misconfiguration: Insufficient Session-ID Length
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-285 Improper Authorization
CWE-290 Authentication Bypass by Spoofing
CWE-330 Use of Insufficiently Random Values
CWE-331 Insufficient Entropy
CWE-346 Origin Validation Error
CWE-384 Session Fixation
CWE-488 Exposure of Data Element to Wrong Session
CWE-539 Use of Persistent Cookies Containing Sensitive Information
CWE-693 Protection Mechanism Failure
CWE-719 OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage
Rainbow Table Password Cracking
CWE-261 Weak Encoding for Password
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-654 Reliance on a Single Factor in a Security Decision
CWE-719 OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage
CWE-916 Use of Password Hash With Insufficient Computational Effort
Encryption Brute Forcing
CWE-326 Inadequate Encryption Strength
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
CWE-693 Protection Mechanism Failure
CWE-719 OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage