Description
The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel.
Potential Impact
Access Control
Gain Privileges or Assume Identity, Bypass Protection Mechanism
Mitigations & Prevention
Do not expose administrative functionnality on the user UI.
Protect the administrative/restricted functionality with a strong authentication mechanism.
Related Weaknesses
Taxonomy Mappings
- PLOVER: — Unprotected Primary Channel
Frequently Asked Questions
What is CWE-419?
CWE-419 (Unprotected Primary Channel) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel.
How can CWE-419 be exploited?
Attackers can exploit CWE-419 (Unprotected Primary Channel) to gain privileges or assume identity, bypass protection mechanism. This weakness is typically introduced during the Architecture and Design, Implementation phase of software development.
How do I prevent CWE-419?
Key mitigations include: Do not expose administrative functionnality on the user UI.
What is the severity of CWE-419?
CWE-419 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.