CWE-255

�ｽ�ｽ�ｽﾊ脆弱性�ｽ^�ｽC�ｽv�ｽ齬佑WE�ｽﾆゑｿｽ

CWE-255

Category ID:255(Category)

Status: Draft

�ｽﾘ厄ｿｽ�ｽ�ｽ�ｽE�ｽp�ｽX�ｽ�ｽ�ｽ[�ｽh�ｽﾌ管暦ｿｽ

�ｽ�ｽ�ｽ

�ｽ�ｽ�ｽ�ｽv�ｽ�ｽ

�ｽ�ｽ�ｽﾌカ�ｽe�ｽS�ｽ�ｽ�ｽﾌ脆弱性�ｽﾍ、�ｽp�ｽX�ｽ�ｽ�ｽ[�ｽh�ｽE�ｽﾘ厄ｿｽ�ｽ�ｽ�ｽﾌ管暦ｿｽ�ｽﾉ関連�ｽ�ｽ�ｽ�ｽ�ｽ�ｽﾌでゑｿｽ�ｽB

�ｽY�ｽ�ｽ�ｽ�ｽ�ｽ�ｽv�ｽ�ｽ�ｽb�ｽg�ｽt�ｽH�ｽ[�ｽ�ｽ

�ｽ�ｽ�ｽ�ｽ

�ｽS�ｽ�ｽ

�ｽﾖ係�ｽ�ｽ

Nature	Type	ID	Name	View(s) this relationship pertains to
ChildOf	Category	254	Security Features	Development Concepts (primary)699
ChildOf	Category	724	OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management	Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOf	Weakness Variant	261	Weak Cryptography for Passwords	Development Concepts (primary)699
ParentOf	Weakness Variant	262	Not Using Password Aging	Development Concepts (primary)699
ParentOf	Weakness Base	263	Password Aging with Long Expiration	Development Concepts (primary)699
ParentOf	Weakness Base	521	Weak Password Requirements	Development Concepts (primary)699
ParentOf	Weakness Base	522	Insufficiently Protected Credentials	Development Concepts (primary)699
ParentOf	Weakness Variant	549	Missing Password Field Masking	Development Concepts (primary)699
ParentOf	Weakness Variant	620	Unverified Password Change	Development Concepts699
ParentOf	Weakness Base	640	Weak Password Recovery Mechanism for Forgotten Password	Development Concepts (primary)699
ParentOf	Weakness Base	798	Use of Hard-coded Credentials	Development Concepts (primary)699
MemberOf	View	635	Weaknesses Used by NVD	Weaknesses Used by NVD (primary)635

�ｽ�ｽ�ｽg�ｽD�ｽﾅの包ｿｽ�ｽ�ｽ

�ｽg�ｽD�ｽ�ｽ�ｽﾜゑｿｽ�ｽﾍ組�ｽD�ｽﾅの包ｿｽ�ｽ�ｽ	�ｽm�ｽ[�ｽh ID	CWE�ｽﾌ包ｿｽ�ｽﾞとの適�ｽ�ｽ�ｽx	�ｽ�ｽ�ｽﾞ厄ｿｽ
OWASP Top Ten 2004	A3	CWE�ｽ�ｽ�ｽﾚ搾ｿｽ	Broken Authentication and Session Management

�ｽX�ｽV�ｽ�ｽ�ｽ�ｽ

[2011�ｽN04�ｽ�ｽ21�ｽ�ｽ]
  2010�ｽN10�ｽ�ｽ12�ｽ�ｽ�ｽ�ｽ�ｽ_�ｽﾌデ�ｽ[�ｽ^�ｽ�ｽ�ｽ�ｽ�ｽﾉ更�ｽV
[2009�ｽN06�ｽ�ｽ29�ｽ�ｽ]
  2009�ｽN02�ｽ�ｽ02�ｽ�ｽ�ｽ�ｽ�ｽ_�ｽﾌ会ｿｽ�ｽL URL �ｽ�ｽ�ｽ�ｽ�ｽﾉ作成
    http://cwe.mitre.org/data/definitions/255.html

�ｽo�ｽ^�ｽ�ｽ 2011/04/21

�ｽﾅ終�ｽX�ｽV�ｽ�ｽ 2023/04/04