Home/CWE/Credentials Management Errors
Weakness

Credentials Management Errors

CWE-255 · Category

Weaknesses in this category are related to the management of credentials.

ATT&CK Techniques

3
Adversary techniques associated with this weakness, via MITRE CAPEC and authoritative CTID CVE mappings.
T1003OS Credential Dumping
T1550.002Pass the Hash
T1552.001Credentials In Files

CVEs With This Weakness

786
A sample of the 786 CVEs tagged with this weakness.
CVECVE-2026-6597
CVECVE-2026-4251
CVECVE-2026-4250
CVECVE-2026-4243
CVECVE-2026-4242
CVECVE-2026-4217
CVECVE-2026-11552
CVECVE-2026-11515
CVECVE-2025-9725
CVECVE-2025-7577
CVECVE-2025-7453
CVECVE-2025-7080
View all 786 CVEs with this weakness

Nuclei Scanner Templates

2
Open-source Nuclei templates that detect this weakness class - an actionable scan-for-it pivot. Licensed under the ProjectDiscovery / Nuclei terms.
criticalAmcrest IP Camera Web Management - Data Exposure
criticalApache Axis2 Default Login
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh