Lock Computer

A category in the Common Weakness Enumeration published by The MITRE Corporation.

  • Source

    CWE Catalog - 4.12

  • Identifier

    CWE-1017

  • Status

    Draft

Contents

Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to the design and architecture of a system's lockout mechanism. Frequently these deal with scenarios that take effect in case of multiple failed attempts to access a given resource. The weaknesses in this category could lead to a degradation of access to system assets if they are not addressed when designing or implementing a secure architecture.

Weaknesses

Overly Restrictive Account Lockout Mechanism

The product contains an account lockout protection mechanism, but the mechanism is too restrictive and can be triggered too easily, which allows attackers to deny serv...

Concepts

Architectural Concepts

This view organizes weaknesses according to common architectural security tactics. It is intended to assist architects in identifying potential mistakes that can be ma...

See Also

  1. A Catalog of Security Architecture Weaknesses.

    2017 IEEE International Conference on Software Architecture (ICSA)

  2. Understanding Software Vulnerabilities Related to Architectural Security Tactics: An Empirical Investigation of Chromium, PHP and Thunderbird.

    2017 IEEE International Conference on Software Architecture (ICSA)

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.