BaseDraft

CWE-420Unprotected Alternate Channel

Category: other

Description

The product protects a primary channel, but it does not use the same level of protection for an alternate channel.

Common consequences· 1

  • Access Control — Gain Privileges or Assume Identity, Bypass Protection Mechanism

Potential mitigations· 1

  • [Architecture and Design]Identify all alternate channels and use the same protection mechanisms that are used for the primary channels.

References

  1. https://cwe.mitre.org/data/definitions/420.html

(incoming)10

TypeTargetConfidenceTier
VulnerabilityCVE-2025-13315cve-2025-133150%live
VulnerabilityCVE-2025-52921cve-2025-529210%live
VulnerabilityCVE-2025-53967cve-2025-539670%live
Vulnerability CrushFTP Unprotected Alternate Channel Vulnerabilitycve-2025-543090%live
VulnerabilityCVE-2025-54351cve-2025-543510%live
VulnerabilityCVE-2025-62001cve-2025-620010%live
VulnerabilityCVE-2025-8557cve-2025-85570%live
VulnerabilityCVE-2026-40217cve-2026-402170%live
KEVEntryCisco IOS XE Web UI Privilege Escalation Vulnerabilitykev-cve-2023-201980%live
KEVEntry CrushFTP Unprotected Alternate Channel Vulnerabilitykev-cve-2025-543090%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Unprotected Primary Channel
CWE
Authentication Bypass Using an Alternate Path or Channel
CWE
Excessive Attack Surface
CWE
Improper Restriction of Communication Channel to Intended Endpoints
CWE
Improper Check for Unusual or Exceptional Conditions
CWE
Improper Protection of Alternate Path
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.