CWE-289
Overview
- CWE ID
- 289
- CWE Name
- Authentication Bypass by Alternate Name
- CWE Abstraction
- Variant
- CWE structure
- Simple
- CWE Status
- Incomplete
Description
The software performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor.
Extended Description
Related CWEs
| CWE ID | View ID | Nature | Ordinal |
|---|---|---|---|
| 1390 | 1000 | ChildOf | Primary |