CWE-290β€”Authentication Bypass by Spoofing

PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-290
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2006-07-19
Latest Modification Date:
2025-12-11

Weakness Name

Authentication Bypass by Spoofing

Description

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Common Consequences

Scope:
Access Control
Impact:
Bypass Protection Mechanism, Gain Privileges or Assume Identity
Notes:
This weakness can allow an attacker to access resources which are not otherwise accessible without proper authentication.

Related Weaknesses