CWE-288 Detalhe

CWE-288

Authentication Bypass Using an Alternate Path or Channel
Incomplete
2006-07-19
00h00 +00:00
2025-12-11
00h00 +00:00
CWE Mitre.org
Notificações para um CWE
Fique informado sobre quaisquer alterações para um CWE específico.
Gerenciar notificações

Nome: Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Informações Gerais

Modos de Introdução

Architecture and Design : COMMISSION: This weakness refers to an incorrect design related to an architectural security tactic.
Architecture and Design : This is often seen in web applications that assume that access to a particular CGI program can only be obtained through a "front" screen, when the supporting programs are directly accessible. But this problem is not just in web apps.

Plataformas Aplicáveis

Linguagem

Class: Not Language-Specific (Undetermined)

Tecnologias

Class: Not Technology-Specific (Undetermined)
Class: Web Based (Undetermined)

Consequências Comuns

Escopo Impacto Probabilidade
Access ControlBypass Protection Mechanism

Exemplos Observados

Referências Descrição

CVE-2000-1179

Router allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters.

CVE-1999-1454

Attackers with physical access to the machine may bypass the password prompt by pressing the ESC (Escape) key.

CVE-1999-1077

OS allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock.

CVE-2003-0304

Direct request of installation file allows attacker to create administrator accounts.

CVE-2002-0870

Attackers may gain additional privileges by directly requesting the web management URL.

CVE-2002-0066

Bypass authentication via direct request to named pipe.

CVE-2003-1035

User can avoid lockouts by using an API instead of the GUI to conduct brute force password guessing.

Mitigações Potenciais

Phases : Architecture and Design
Funnel all access through a single choke point to simplify how users can access a resource. For every access, perform a check to determine if the user has permissions to access the resource.

Notas de Mapeamento de Vulnerabilidade

Justificativa : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comentário : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Padrões de Ataque Relacionados

CAPEC-ID Nome do Padrão de Ataque
CAPEC-127 Directory Indexing
An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
CAPEC-665 Exploitation of Thunderbolt Protection Flaws

Notas

overlaps Unprotected Alternate Channel

Submissão

Nome Organização Data Data de lançamento Version
PLOVER 2006-07-19 +00:00 2006-07-19 +00:00 Draft 3

Modificações

Nome Organização Data Comentário
CWE Content Team MITRE 2008-09-08 +00:00 updated Description, Modes_of_Introduction, Name, Relationships, Observed_Example, Relationship_Notes, Taxonomy_Mappings, Type
CWE Content Team MITRE 2008-11-24 +00:00 updated Observed_Examples
CWE Content Team MITRE 2011-03-29 +00:00 updated Relationships
CWE Content Team MITRE 2011-06-01 +00:00 updated Common_Consequences
CWE Content Team MITRE 2012-05-11 +00:00 updated Observed_Examples, Related_Attack_Patterns, Relationships
CWE Content Team MITRE 2012-10-30 +00:00 updated Potential_Mitigations
CWE Content Team MITRE 2014-07-30 +00:00 updated Relationships
CWE Content Team MITRE 2017-05-03 +00:00 updated Related_Attack_Patterns, Relationships
CWE Content Team MITRE 2017-11-08 +00:00 updated Applicable_Platforms, Modes_of_Introduction, Relationships
CWE Content Team MITRE 2020-02-24 +00:00 updated Relationships
CWE Content Team MITRE 2020-08-20 +00:00 updated Relationships
CWE Content Team MITRE 2020-12-10 +00:00 updated Relationships
CWE Content Team MITRE 2021-07-20 +00:00 updated Related_Attack_Patterns
CWE Content Team MITRE 2021-10-28 +00:00 updated Relationships
CWE Content Team MITRE 2022-10-13 +00:00 updated Relationships
CWE Content Team MITRE 2023-04-27 +00:00 updated Relationships
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes, Relationships
CWE Content Team MITRE 2023-10-26 +00:00 updated Demonstrative_Examples
CWE Content Team MITRE 2024-11-19 +00:00 updated Description, Diagram
CWE Content Team MITRE 2025-12-11 +00:00 updated Applicable_Platforms, Relationships, Weakness_Ordinalities
As informações apresentadas no CVE Find originam-se de várias fontes de referência cuidadosamente selecionadas. Os dados CVE são fornecidos pela MITRE Corporation e pelo National Vulnerability Database (NVD). O catálogo de Vulnerabilidades Conhecidas Exploradas (KEV) é proveniente da Cybersecurity and Infrastructure Security Agency (CISA), enquanto as pontuações EPSS vêm do FIRST.org. Além disso, os dados sobre fraquezas de software (CWE) e padrões de ataque comuns (CAPEC) são mantidos pela MITRE Corporation, e as informações sobre configurações de hardware e software (CPE) são fornecidas pelo NVD.