
CWE-288

Authentication Bypass Using an Alternate Path or Channel

Abstraction: Base
Status: Incomplete

Description

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Common Consequences

Scope

Access Control

Impact

Bypass Protection Mechanism

Potential Mitigations

Architecture and Design

Funnel all access through a single choke point to simplify how users can access a resource. For every access, perform a check to determine if the user has permissions to access the resource.

Observed Examples

CVE-2000-1179

Router allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters.

CVE-1999-1454

Attackers with physical access to the machine may bypass the password prompt by pressing the ESC (Escape) key.

CVE-1999-1077

OS allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock.

CVE-2003-0304

Direct request of installation file allows attacker to create administrator accounts.

CVE-2002-0870

Attackers may gain additional privileges by directly requesting the web management URL.

CVE-2002-0066

Bypass authentication via direct request to named pipe.

CVE-2003-1035

User can avoid lockouts by using an API instead of the GUI to conduct brute force password guessing.
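The mitigation above and the last two observed examples describe the same design point from both sides: when each handler checks authentication on its own, one forgotten check (an installer page, a management URL, an API that bypasses the GUI's lockout) becomes an unauthenticated alternate path. The following is an added example, not code from the CWE entry; it contrasts a dispatcher with scattered per-handler checks against one that funnels every request through a single default-deny choke point and routes every login channel through one lockout-aware credential checker. All route names, users, passwords, tokens and the Request shape are constructed for illustration.

```python
"""CWE-288 mitigation, as an added illustration: funnel every request and every
credential check through one choke point. All paths, users, passwords, tokens
and the Request shape below are constructed for this example."""
import hmac
from dataclasses import dataclass
from typing import Optional

@dataclass
class Request:
    path: str
    session: Optional[str] = None   # constructed session token; None = anonymous
    user: str = ""                  # credentials, used only by login paths
    password: str = ""

SESSIONS = {"tok-alice": "alice"}          # constructed token -> username
PASSWORDS = {"alice": "correct horse"}     # constructed; plaintext only for brevity
MAX_ATTEMPTS = 3

def handler_dashboard(req):
    return 200, f"dashboard for {SESSIONS[req.session]}"

def handler_admin_setup(req):
    return 200, "admin account created"    # privileged: creates an administrator

# ---- Pattern 1: each handler is responsible for its own authentication ------
def dispatch_scattered(req):
    if req.path == "/dashboard":
        if req.session not in SESSIONS:
            return 401, "login required"
        return handler_dashboard(req)
    if req.path == "/setup/install":
        # No check here: this alternate path reaches the privileged handler
        # unauthenticated, which is the shape of the observed examples above.
        return handler_admin_setup(req)
    return 404, "not found"

# ---- Pattern 2: one choke point, default deny, explicit public allowlist ----
class Authenticator:
    """Single credential checker shared by every login channel (GUI and API),
    so a lockout counted on one channel applies to all of them."""
    def __init__(self):
        self.failures = {}

    def login(self, user, password):
        if self.failures.get(user, 0) >= MAX_ATTEMPTS:
            return None                    # locked out on every channel
        expected = PASSWORDS.get(user, "")
        if expected and hmac.compare_digest(expected, password):
            self.failures.pop(user, None)
            token = f"tok-{user}"
            SESSIONS[token] = user
            return token
        self.failures[user] = self.failures.get(user, 0) + 1
        return None

AUTH = Authenticator()

def handler_login(req):
    token = AUTH.login(req.user, req.password)
    return (200, token) if token else (401, "bad credentials or locked out")

PUBLIC_PATHS = {"/login", "/api/login"}    # the only unauthenticated entry points
ROUTES = {
    "/login": handler_login, "/api/login": handler_login,
    "/dashboard": handler_dashboard, "/setup/install": handler_admin_setup,
}

def dispatch_choke_point(req):
    # Authentication is decided once, before routing, for every path that is
    # not explicitly public; a handler cannot forget the check.
    if req.path not in PUBLIC_PATHS and req.session not in SESSIONS:
        return 401, "login required"
    handler = ROUTES.get(req.path)
    return handler(req) if handler else (404, "not found")
```

The allowlist is deliberately a set of paths that are public rather than a set that are protected: a new route added to `ROUTES` without touching `PUBLIC_PATHS` is protected by default, which is the property the single-choke-point mitigation is meant to give. Sharing one `Authenticator` between `/login` and `/api/login` is what closes the CVE-2003-1035 pattern, where lockout was enforced only on the GUI channel.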

Applicable Platforms

Not Language-Specific
