CWE•Base•Incomplete•1 recent CVE
CWE-941Incorrectly Specified Destination in a Communication Channel
Description
The product creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor.
[object Object]
Common consequences
- Access Control,Other→Gain Privileges or Assume Identity,Varies by Context,Bypass Protection MechanismAn attacker can access any functionality that is inadvertently accessible to the source.