CWE-288 - Authentication Bypass Using an Alternate Path or Channel
- Abstraction:Base
- Structure:Simple
- Status:Incomplete
- Release Date:2006-07-19
- Latest Modification Date:2024-11-19
Weakness Name
Authentication Bypass Using an Alternate Path or Channel
Description
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
Common Consequences
Scope: Access Control
Impact: Bypass Protection Mechanism
Related Weaknesses
CWE-284Improper Access Control