CWE-522: Insufficiently Protected Credentials

ClassIncomplete🏆 #25 in Top 25 (2024)

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

View on MITRE

283Related CVEs

8.54Severity Score

Back to CWE Lookup

Technical Details

Structure: Simple

Applicable To

Languages

Not Language-Specific

Platforms

🏆 CWE Top 25 Historical Ranking

2024:#25

Score: 8.54

283 CVEs

Trend:★ New to Top 25

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-522

CWE Top 25 Most Dangerous

See how this weakness ranks against others

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references