CWE•Base•Draft•6 recent CVEs

CWE-420Unprotected Alternate Channel

Description

The product protects a primary channel, but it does not use the same level of protection for an alternate channel.

Common consequences

Access Control→Gain Privileges or Assume Identity,Bypass Protection Mechanism

Potential mitigations

Architecture and Design
Identify all alternate channels and use the same protection mechanisms that are used for the primary channels.

Related CWEs

CWE-923Improper Restriction of Communication Channel to Intended Endpoints

Recent CVEs classified under this CWE

CVE-2026-404355.32026-05-13 CVE-2026-435056.52026-05-01 CVE-2026-402178.82026-04-10 CVE-2026-353882.52026-04-02 CVE-2024-60995.32024-07-02 CVE-2024-44445.32024-05-14