8.2 Broken Authentication

Select Reports > Portal > Repository > Standard Content > OWASP > A 2 - Broken Authentication.

Some enterprises either fail to enable the authentication and session management functions of applications and websites, or misconfigure them. When this occurs, a malicious user could compromise passwords, keys, and session tokens.

Use the Broken Authentication and Session Management report to identify hosts vulnerable to malicious users. This report is also available in the Account Hijacking category of the Cloud reports.