CWE-288β€”Authentication Bypass Using an Alternate Path or Channel

PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2025-12-11
CWE-288 - Authentication Bypass Using an Alternate Path or Channel - Diagram

Metadata

CWE ID:
CWE-288
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2006-07-19
Latest Modification Date:
2025-12-11

Weakness Name

Authentication Bypass Using an Alternate Path or Channel

Description

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Common Consequences

Scope:
Access Control
Impact:
Bypass Protection Mechanism

Related Weaknesses