CWE DATABASE
About
GET A DEMO
Backslash Vulnerability Database
Improper Authentication
Improper Authentication
MITRE Rank:
#13
CWE-287
MITRE Rank:
#13
Overtime trend (NVD)
CVSS severity (NVD, All Time)
Per technology (GHSA, All time)
39%
-
Maven
18%
-
Composer
13%
-
Go
29%
-
Others
Short description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Best practices to prevent this CWE
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Use an authentication framework or library such as the OWASP ESAPI Authentication feature.