CWE-303β€”Incorrect Implementation of Authentication Algorithm

PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-303
Abstraction:
Base
Structure:
Simple
Status:
Draft
Release Date:
2006-07-19
Latest Modification Date:
2025-12-11

Weakness Name

Incorrect Implementation of Authentication Algorithm

Description

The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

This incorrect implementation may allow authentication to be bypassed.

Common Consequences

Scope:
Access Control
Impact:
Bypass Protection Mechanism

Related Weaknesses