CWE-347 - Improper Verification of Cryptographic Signature

  • 摘要:Base
  • 结构:Simple
  • 状态:Draft
  • 发布日期:2006-07-19
  • 更新日期:2025-12-11

名称

Improper Verification of Cryptographic Signature

描述

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

常见后果

范围:Access Control, Integrity, Confidentiality

影响:Gain Privileges or Assume Identity, Modify Application Data, Execute Unauthorized Code or Commands

注释:An attacker could gain access to sensitive data and possibly execute unauthorized code.

相关 CWE