CWE-419Unprotected Primary Channel

Description

Common consequences· 1

• Access Control — Gain Privileges or Assume Identity, Bypass Protection Mechanism

Potential mitigations· 2

• [Architecture and Design]Do not expose administrative functionnality on the user UI.
• [Architecture and Design]Protect the administrative/restricted functionality with a strong authentication mechanism.

Related CAPEC attack patterns· 1

Exploits (incoming)1

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.