CWE-347 - Improper Verification of Cryptographic Signature
- 摘要:Base
- 结构:Simple
- 状态:Draft
- 发布日期:2006-07-19
- 更新日期:2025-12-11
名称
Improper Verification of Cryptographic Signature
描述
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
常见后果
范围:Access Control, Integrity, Confidentiality
影响:Gain Privileges or Assume Identity, Modify Application Data, Execute Unauthorized Code or Commands
注释:An attacker could gain access to sensitive data and possibly execute unauthorized code.