CWE-424

Improper Protection of Alternate Path

Weakness Description

The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.

Potential Mitigations

Architecture and Design

Deploy different layers of protection to implement security in depth.

Common Consequences

Access Control
Bypass Protection MechanismGain Privileges or Assume Identity
Advertisement

Related Weaknesses