CWE-836

Overview
  • CWE ID
  • 836
  • CWE Name
  • Use of Password Hash Instead of Password for Authentication
  • CWE Abstraction
  • Base
  • CWE structure
  • Simple
  • CWE Status
  • Incomplete
Description
The software records password hashes in a data store, receives a hash of a password from a client, and compares the supplied hash to the hash obtained from the data store.
Extended Description
Related CWEs
CWE ID View ID Nature Ordinal
1390 1000 ChildOf Primary
602 1000 PeerOf
Related CVEs
CVE
CVE-2023-23450
CVE-2021-45036
CVE-2023-4299
CVE-2023-39546
CVE-2023-34132
CVE-2023-39546
CVE-2023-34132