BaseDraft
CWE-348Use of Less Trusted Source
Category: other
Description
The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.
Common consequences· 1
- Access Control — Bypass Protection Mechanism, Gain Privileges or Assume IdentityAn attacker could utilize the untrusted data source to bypass protection mechanisms and gain access to sensitive data.
Related CAPEC attack patterns· 5
References
Exploits (incoming)5
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | DNS Cache Poisoningcapec-142 | 100% | live |
| AttackPattern | Manipulating Web Input to File System Callscapec-76 | 100% | live |
| AttackPattern | Cache Poisoningcapec-141 | 100% | live |
| AttackPattern | User-Controlled Filenamecapec-73 | 100% | live |
| AttackPattern | AJAX Footprintingcapec-85 | 100% | live |
(incoming)5
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-48865cve-2025-48865 | 0% | live |
| Vulnerability | CVE-2025-55292cve-2025-55292 | 0% | live |
| Vulnerability | CVE-2025-59951cve-2025-59951 | 0% | live |
| Vulnerability | CVE-2025-69240cve-2025-69240 | 0% | live |
| Vulnerability | CVE-2026-44183cve-2026-44183 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.