[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78764

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CWE
view XML

Protection Mechanism Failure

ID: 693Date: (C)2012-05-14   (M)2017-10-12
Type: weaknessStatus: DRAFT
Abstraction Type: Class





Description

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Extended Description

This weakness covers three distinct situations. A "missing" protection mechanism occurs when the application does not define any mechanism against a certain class of attack. An "insufficient" protection mechanism might provide some defenses - for example, against the most common attacks - but it does not protect against everything that is intended. Finally, an "ignored" mechanism occurs when a mechanism is available and in active use within the product, but the developer has not applied it in some code path.

Applicable Platforms
Language Class: All

Time Of Introduction

  • Architecture and Design
  • Implementation
  • Operation

Related Attack Patterns

Common Consequences

ScopeTechnical ImpactNotes
Access_Control
 
Bypass protection mechanism
 
 

Detection Methods
None

Potential Mitigations
None

Relationships

Related CWETypeViewChain
CWE-693 ChildOf CWE-907 Category CWE-888  

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings
None

References:
None

© 2013 SecPod Technologies