CAPEC Related Weakness
Brute Force
CWE-326 Inadequate Encryption Strength
CWE-330 Use of Insufficiently Random Values
CWE-521 Weak Password Requirements
Dictionary-based Password Attack
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-307 Improper Restriction of Excessive Authentication Attempts
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-654 Reliance on a Single Factor in a Security Decision
Password Brute Forcing
CWE-257 Storing Passwords in a Recoverable Format
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-307 Improper Restriction of Excessive Authentication Attempts
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-654 Reliance on a Single Factor in a Security Decision
Kerberoasting
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-294 Authentication Bypass by Capture-replay
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-522 Insufficiently Protected Credentials
Rainbow Table Password Cracking
CWE-261 Weak Encoding for Password
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-654 Reliance on a Single Factor in a Security Decision
CWE-916 Use of Password Hash With Insufficient Computational Effort
Remote Services with Stolen Credentials
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-294 Authentication Bypass by Capture-replay
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-522 Insufficiently Protected Credentials
Windows Admin Shares with Stolen Credentials
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-294 Authentication Bypass by Capture-replay
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-522 Insufficiently Protected Credentials
Password Spraying
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-307 Improper Restriction of Excessive Authentication Attempts
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-654 Reliance on a Single Factor in a Security Decision
Try Common or Default Usernames and Passwords
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-654 Reliance on a Single Factor in a Security Decision
CWE-798 Use of Hard-coded Credentials