CWE WEAKNESSES / CWE-303
CWE-303
Incorrect Implementation of Authentication Algorithm
Base
What it is
The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.
This incorrect implementation may allow authentication to be bypassed.
Impact
| Access Control | Bypass Protection Mechanism |
Real-world CVE examples
- CVE-2003-0750 — Conditional should have been an 'or' not an 'and'.
Related weaknesses
Test & detect
Browse all common weaknesses, check related exploited CVEs, or map to ATT&CK techniques.
Source: MITRE CWE. View on cwe.mitre.org →