1. Home
  2. CWE Database
  3. CWE-636
Class · High

CWE-636: Not Failing Securely ('Failing Open')

When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encry...

CWE-636 · Class Level ·2 CVEs ·1 Mitigations

Description

When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.

By entering a less secure state, the product inherits the weaknesses associated with that state, making it easier to compromise. At the least, it causes administrators to have a false sense of security. This weakness typically occurs as a result of wanting to "fail functional" to minimize administration and support costs, instead of "failing safe."

Potential Impact

Access Control

Bypass Protection Mechanism

Mitigations & Prevention

Architecture and Design

Subdivide and allocate resources and components so that a failure in one part does not affect the entire product.

Real-World CVE Examples

CVE IDDescription
CVE-2007-5277The failure of connection attempts in a web browser resets DNS pin restrictions. An attacker can then bypass the same origin policy by rebinding a domain name to a different IP address. This was an at
CVE-2006-4407Incorrect prioritization leads to the selection of a weaker cipher. Although it is not known whether this issue occurred in implementation or design, it is feasible that a poorly designed algorithm co

CWE-657: Violation of Secure Design Principles

The product violates well-established principles for secure design.

CWE-755: Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

CWE-280: Improper Handling of Insufficient Permissions or Privileges

The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functional...

Taxonomy Mappings

  • OWASP Top Ten 2004: A7 — Improper Error Handling

Frequently Asked Questions

What is CWE-636?

CWE-636 (Not Failing Securely ('Failing Open')) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Class-level weakness. When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encry...

How can CWE-636 be exploited?

Attackers can exploit CWE-636 (Not Failing Securely ('Failing Open')) to bypass protection mechanism. This weakness is typically introduced during the Architecture and Design, Implementation phase of software development.

How do I prevent CWE-636?

Key mitigations include: Subdivide and allocate resources and components so that a failure in one part does not affect the entire product.

What is the severity of CWE-636?

CWE-636 is classified as a Class-level weakness (High abstraction). It has been observed in 2 real-world CVEs.