The product does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.
Extended Description
N/A
ThreatScore
Threat Mapped score: 0.0
Industry: Finiancial
Threat priority: Unclassified
Observed Examples (CVEs)
No observed examples available.
Related Attack Patterns (CAPEC)
N/A
Attack TTPs
N/A
Modes of Introduction
Phase
Note
Implementation
N/A
Common Consequences
Impact: Bypass Protection Mechanism — Notes:
Potential Mitigations
Implementation: Recommendations include requiring all password fields in your web application be masked to prevent other users from seeing this information. (N/A)