CWE-258: Empty Password in Configuration File

VariantIncompleteExploit Likelihood: High

Using an empty string as a password is insecure.

Languages

Not Language-Specific

Platforms

Search for vulnerabilities that exploit CWE-258

Understanding vulnerabilities vs weaknesses

How vulnerability severity is measured

Complete technical details and references