The system lacks an authentication mechanism or has one that can be bypassed.
Therefore, an attacker can access resources that should be protected without
having an active session.
R227. Display access notification
R228. Authenticate using standard protocols
R229. Request access credentials
R231. Define a biometric verification component
R235. Define credentials interface
R264. Request authentication
R319. Make authentication options equally secure
Ready to start with Fluid Attacks?
Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.