CWE-304

Overview

CWE ID
304

CWE Name
Missing Critical Step in Authentication

CWE Abstraction
Base

CWE structure
Simple

CWE Status
Draft

Description

The software implements an authentication technique, but it skips a step that weakens the technique.

Extended Description

Authentication techniques should follow the algorithms that define them exactly, otherwise authentication can be bypassed or more easily subjected to brute force attacks.

Related CWEs

CWE ID	View ID	Nature	Ordinal
1390	1000	ChildOf	Primary
573	1000	ChildOf

Related CVEs

CVE
CVE-2021-41179
CVE-2022-2821
CVE-2023-3629
CVE-2023-3628
CVE-2023-22833
CVE-2023-22833
CVE-2024-6040
CVE-2024-7745
CVE-2024-45764