Category-951: SFP Secondary Cluster: Insecure Authentication Policy
ID: 951 Status: Incomplete
Summary
This category identifies Software Fault Patterns (SFPs) within the Insecure Authentication Policy cluster.
Membership
| ID | NAME |
|---|---|
| CWE-262 | 未使用口令老化机制 |
| CWE-263 | 口令老化拥有过长有效期 |
| CWE-521 | 弱口令要求 |
| CWE-556 | ASP.NET误配置:使用身份伪装 |
| CWE-613 | 不充分的会话过期机制 |
| CWE-645 | 过度限制的账户封锁机制 |