CWE-306

GPTKB entity

Statements (19)
Predicate Object
gptkbp:instanceOf gptkb:Common_Weakness_Enumeration
gptkbp:category Authentication Issues
gptkbp:citation https://cwe.mitre.org/data/definitions/306.html
gptkbp:consequence Unauthorized access
Privilege escalation
Data exposure
gptkbp:describes The software does not perform any authentication for functionality that requires a valid user identity.
gptkbp:foundIn APIs
Web applications
Mobile applications
https://www.w3.org/2000/01/rdf-schema#label CWE-306
gptkbp:mitigatedBy Implement authentication checks for all critical functions
gptkbp:name Missing Authentication for Critical Function
gptkbp:partOf gptkb:CWE_Top_25_Most_Dangerous_Software_Weaknesses
gptkbp:relatedTo gptkb:CWE-862
CWE-285
gptkbp:vulnerableTo 306
gptkbp:bfsParent gptkb:CVE-2022-1388
gptkbp:bfsLayer 7