Back to CWE list
CWE-419
Unprotected Primary Channel
Base
Draft
Description
The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Access Control
Impact
Gain Privileges or Assume Identity, Bypass Protection Mechanism
Potential Mitigations
Architecture and Design
Do not expose administrative functionnality on the user UI.
Architecture and Design
Protect the administrative/restricted functionality with a strong authentication mechanism.
Applicable Platforms
Not Language-Specific
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now