Read Time:19 Second

Description

The requirements for the software dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

This incorrect implementation may allow authentication to be bypassed.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-287

 

Consequences

Access Control: Bypass Protection Mechanism

 

Potential Mitigations

CVE References

  • CVE-2003-0750
    • Conditional should have been an ‘or’ not an ‘and’.