CWE-303 - Incorrect Implementation of Authentication Algorithm
- Abstraction:Base
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2023-06-29
Weakness Name
Incorrect Implementation of Authentication Algorithm
Description
The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.
This incorrect implementation may allow authentication to be bypassed.
Common Consequences
Scope: Access Control
Impact: Bypass Protection Mechanism