BaseIncomplete

CWE-941Incorrectly Specified Destination in a Communication Channel

Category: other

Description

The product creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor.

Common consequences· 1

  • Access Control / Other — Gain Privileges or Assume Identity, Varies by Context, Bypass Protection Mechanism
    An attacker can access any functionality that is inadvertently accessible to the source.

References

  1. https://cwe.mitre.org/data/definitions/941.html

(incoming)1

TypeTargetConfidenceTier
VulnerabilityCVE-2025-69515cve-2025-695150%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Restriction of Communication Channel to Intended Endpoints
CWE
Improper Encoding or Escaping of Output
CWE
Improper Verification of Source of a Communication Channel
CWE
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
CWE
Incorrect Authorization
CWE
Improper Neutralization
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.