3.7.1 A valid login session is ensured or re-authentication required before allowing sensitive transactions/modificationsΒΆ
Verify the application ensures a valid login session or requires re-authentication or secondary verification before allowing any sensitive transactions or account modifications.
| Level 1 | X |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 778 |