| CAPEC | Related Weakness |
| Use of Captured Tickets (Pass The Ticket) |
| CWE-522 | Insufficiently Protected Credentials |
|
| Remote Services with Stolen Credentials |
| CWE-522 | Insufficiently Protected Credentials |
|
| Signature Spoofing by Key Theft |
| CWE-522 | Insufficiently Protected Credentials |
|
| Use of Captured Hashes (Pass The Hash) |
| CWE-522 | Insufficiently Protected Credentials |
|
| Session Sidejacking |
| CWE-294 | Authentication Bypass by Capture-replay |
| CWE-319 | Cleartext Transmission of Sensitive Information |
| CWE-522 | Insufficiently Protected Credentials |
| CWE-523 | Unprotected Transport of Credentials |
| CWE-614 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute |
|
| Modify Existing Service |
| CWE-284 | Improper Access Control |
| CWE-522 | Insufficiently Protected Credentials |
|
| Windows Admin Shares with Stolen Credentials |
| CWE-522 | Insufficiently Protected Credentials |
|
| Password Recovery Exploitation |
| CWE-522 | Insufficiently Protected Credentials |
| CWE-640 | Weak Password Recovery Mechanism for Forgotten Password |
| CWE-718 | OWASP Top Ten 2007 Category A7 - Broken Authentication and Session Management |
|
| Use of Known Domain Credentials |
| CWE-522 | Insufficiently Protected Credentials |
|
