CWE-358
Improperly Implemented Security Check for Standard
Description
The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.
Parent Weaknesses (ChildOf)
Related Weaknesses
Common Consequences
Scope
Impact
Bypass Protection Mechanism
CVE-2002-0862Browser does not verify Basic Constraints of a certificate, even though it is required, allowing spoofing of trusted certificates.
CVE-2002-0970Browser does not verify Basic Constraints of a certificate, even though it is required, allowing spoofing of trusted certificates.
CVE-2002-1407Browser does not verify Basic Constraints of a certificate, even though it is required, allowing spoofing of trusted certificates.
CVE-2005-0198Logic error prevents some required conditions from being enforced during Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5).
CVE-2004-2163Shared secret not verified in a RADIUS response packet, allowing authentication bypass by spoofing server replies.
CVE-2005-2181Insufficient verification in VoIP implementation, in violation of standard, allows spoofed messages.
CVE-2005-2182Insufficient verification in VoIP implementation, in violation of standard, allows spoofed messages.
CVE-2005-2298Security check not applied to all components, allowing bypass.
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now