Missing Critical Step in Authentication

Description

This vulnerability occurs when a software authentication process omits a required step, weakening its overall security.

Extended Description

Secure authentication relies on following a defined protocol completely. Skipping a step—like not validating a session token, omitting a required cryptographic hash, or failing to check a second factor—creates a gap that attackers can exploit to bypass login protections or launch more effective brute-force attacks. To prevent this, developers must treat authentication algorithms as strict checklists. Each step, from credential presentation to final session establishment, must be implemented and tested. Relying on official libraries and comprehensive security testing helps ensure no critical step is accidentally missing or disabled.

Common Consequences 1

Scope: Access ControlIntegrityConfidentiality

Impact: Bypass Protection MechanismGain Privileges or Assume IdentityRead Application DataExecute Unauthorized Code or Commands

This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or allowing attackers to execute arbitrary code.

Detection Methods 1

Automated Static AnalysisHigh

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

Observed Examples 2

CVE-2004-2163Shared secret not verified in a RADIUS response packet, allowing authentication bypass by spoofing server replies.

CVE-2005-3327Chain: Authentication bypass by skipping the first startup step as required by the protocol.