ABAP : Unsafe password settings
Classification
OWASP Top 10 2017
OWASP Top 10 2021
OWASP ASVS
Overview
Unsafe password settings are configured.
To protect passwords, set the profile parameter login/password_downwards_compatibility to 0 so that the system does not store older, vulnerable password hashes that can be attacked.
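One way to check this setting in exported profile text, as an added example that is not DerScanner's or SAP's code. It assumes `name = value` lines with `#` comment lines, that instance profile values override DEFAULT.PFL, and that an unset parameter should be reported because the kernel default then applies; the function names and the sample profiles are constructed for illustration.

```python
"""Audit SAP profile text for login/password_downwards_compatibility (added example)."""
PARAM = "login/password_downwards_compatibility"

# Constructed sample profiles (not taken from a real system).
WEAK_DEFAULT = """\
# DEFAULT.PFL
SAPSYSTEMNAME = DEV
login/min_password_lng = 8
login/password_downwards_compatibility = 1
"""
FIXED_INSTANCE = """\
# instance profile
login/password_downwards_compatibility = 0
"""


def parse_profile(text):
    """Parse 'name = value' lines; blank lines and '#' comment lines are skipped."""
    params = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        # Assumption: a later assignment in the same file replaces an earlier one.
        params[name.strip()] = value.strip()
    return params


def audit(default_pfl, instance_pfl=""):
    """Return (status, effective_value) for PARAM across both profiles."""
    # Instance profile entries take precedence over DEFAULT.PFL entries.
    effective = {**parse_profile(default_pfl), **parse_profile(instance_pfl)}
    value = effective.get(PARAM)
    if value is None:
        # Not set in any profile: report it so that an explicit 0 gets added.
        return ("NOT_SET", None)
    if value == "0":
        return ("OK", value)
    # Any other value keeps some form of downward compatibility enabled.
    return ("UNSAFE", value)


if __name__ == "__main__":
    print(audit(WEAK_DEFAULT))                  # weak setting on its own
    print(audit(WEAK_DEFAULT, FIXED_INSTANCE))  # corrected by the instance profile
```

A commented-out assignment counts as not set, so a profile where the fix was left behind a `#` is still reported.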
References
- OWASP Top 10 2013-A5-Security Misconfiguration
- OWASP Top 10 2013-A6-Sensitive Data Exposure
- Profile Parameters for Logon and Password (Login Parameters)
- OWASP Top 10 2017-A2-Broken Authentication
- OWASP Top 10 2017-A3-Sensitive Data Exposure
- CWE-261: Weak Encoding for Password
- CWE CATEGORY: OWASP Top Ten 2017 Category A2 - Broken Authentication
- CWE CATEGORY: OWASP Top Ten 2017 Category A6 - Security Misconfiguration
DerScanner Severity Score: MEDIUM
