CWE-636: Not Failing Securely ('Failing Open')
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.
扩展描述
By entering a less secure state, the product inherits the weaknesses associated with that state, making it easier to compromise. At the least, it causes administrators to have a false sense of security. This weakness typically occurs as a result of wanting to "fail functional" to minimize administration and support costs, instead of "failing safe."
常见后果
影响范围: Access Control
技术影响: Bypass Protection Mechanism
说明: Intended access restrictions can be bypassed, which is often contradictory to what the product's administrator expects.
潜在缓解措施
阶段: Architecture and Design
描述: Subdivide and allocate resources and components so that a failure in one part does not affect the entire product.
观察示例
参考: CVE-2007-5277
The failure of connection attempts in a web browser resets DNS pin restrictions. An attacker can then bypass the same origin policy by rebinding a domain name to a different IP address. This was an attempt to "fail functional."
参考: CVE-2006-4407
Incorrect prioritization leads to the selection of a weaker cipher. Although it is not known whether this issue occurred in implementation or design, it is feasible that a poorly designed algorithm could be a factor.
引入模式
| 阶段 | 说明 |
|---|---|
| Architecture and Design | - |
| Implementation | - |
适用平台
编程语言
技术
分类映射
| 分类名称 | 条目ID | 条目名称 | 映射适配度 |
|---|---|---|---|
| OWASP Top Ten 2004 | A7 | Improper Error Handling | CWE More Specific |