CWE-419: Unprotected Primary Channel

Base Draft Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel.

常见后果

影响范围: Access Control

技术影响: Gain Privileges or Assume Identity Bypass Protection Mechanism

潜在缓解措施

阶段: Architecture and Design

描述: Do not expose administrative functionnality on the user UI.

阶段: Architecture and Design

描述: Protect the administrative/restricted functionality with a strong authentication mechanism.

引入模式

阶段 说明
Architecture and Design OMISSION: This weakness is caused by missing a security tactic during the architecture and design phase.
Implementation -

适用平台

编程语言
Not Language-Specific (Undetermined)

分类映射

分类名称 条目ID 条目名称 映射适配度
PLOVER - Unprotected Primary Channel -
关键信息

CWE ID: CWE-419

抽象级别: Base

结构: Simple

状态: Draft

相关弱点
ChildOf CWE-923

Improper Restriction of Communication Channel to Intended Endpoints

Class
相关攻击模式
CAPEC-383
返回列表