CWE-322
Key Exchange without Entity Authentication
The product performs a key exchange with an actor without verifying the identity of that actor.
Official CWE-322 definition at MITREImpactr finds and proves weaknesses like CWE-322 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist