CWE-424
Improper Protection of Alternate Path
Description
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
Top Monitored CVEs
Consequences
Access Control
—
Bypass Protection Mechanism, Gain Privileges or Assume Identity
Mitigations
Phase: Architecture and Design
Deploy different layers of protection to implement security in depth.