CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.10)  
ID

CWE-420: Unprotected Alternate Channel

Weakness ID: 420
Abstraction: Base
Status: Draft
Presentation Filter:
+ Description

Description Summary

The software protects a primary channel, but it does not use the same level of protection for an alternate channel.
+ Time of Introduction
  • Architecture and Design
  • Implementation
  • Operation
+ Applicable Platforms

Languages

Language-independent

+ Common Consequences
ScopeEffect
Access Control

Technical Impact: Gain privileges / assume identity; Bypass protection mechanism

+ Observed Examples
ReferenceDescription
DB server assumes that local clients have performed authentication, allowing attacker to directly connect to a process to load libraries and execute commands; a socket interface also exists (another alternate channel), so attack can be remote.
Product does not restrict access to underlying database, so attacker can bypass restrictions by directly querying the database.
User can avoid lockouts by using an API instead of the GUI to conduct brute force password guessing.
FTP service can not be disabled even when other access controls would require it.
Windows named pipe created without authentication/access control, allowing configuration modification.
Router management interface spawns a separate TCP connection after authentication, allowing hijacking by attacker coming from the same IP address.
+ Potential Mitigations

Phase: Architecture and Design

Identify all alternate channels and use the same protection mechanisms that are used for the primary channels.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory418Channel Errors
Development Concepts (primary)699
ChildOfWeakness ClassWeakness Class923Improper Restriction of Communication Channel to Intended Endpoints
Research Concepts (primary)1000
ChildOfCategoryCategory956SFP Secondary Cluster: Channel Attack
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness BaseWeakness Base421Race Condition During Access to Alternate Channel
Development Concepts (primary)699
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant422Unprotected Windows Messaging Channel ('Shatter')
Development Concepts (primary)699
Research Concepts (primary)1000
PeerOfWeakness BaseWeakness Base288Authentication Bypass Using an Alternate Path or Channel
Research Concepts1000
+ Relationship Notes

This can be primary to authentication errors, and resultant from unhandled error conditions.

+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERUnprotected Alternate Channel
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Potential_Mitigations, Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Relationship_Notes, Taxonomy_Mappings
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences
2012-05-11CWE Content TeamMITREInternal
updated Relationships
2012-10-30CWE Content TeamMITREInternal
updated Potential_Mitigations
2013-07-17CWE Content TeamMITREInternal
updated Applicable_Platforms, Potential_Mitigations, Relationships
2014-07-30CWE Content TeamMITREInternal
updated Relationships

More information is available — Please select a different filter.
Page Last Updated: January 18, 2017