CWE-693
Protection Mechanism Failure
Description
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
This weakness covers three distinct situations. A "missing" protection mechanism occurs when the application does not define any mechanism against a certain class of attack. An "insufficient" protection mechanism might provide some defenses - for example, against the most common attacks - but it does not protect against everything that is intended. Finally, an "ignored" mechanism occurs when a mechanism is available and in active use within the product, but the developer has not applied it in some code path.
Top Monitored CVEs
CVE-2024-21412
HIGH
KEV
8.1
95.4%
2024-02-13
CVE-2025-40536
CRITICAL
KEV
9.8
81.6%
2026-01-28
CVE-2026-32202
MEDIUM
KEV
4.3
64.1%
2026-04-14
CVE-2024-29988
HIGH
KEV
8.8
45.2%
2024-04-09
CVE-2026-21510
HIGH
KEV
8.8
25.8%
2026-02-10
CVE-2026-21513
HIGH
KEV
8.8
15.4%
2026-02-10
CVE-2024-38213
MEDIUM
KEV
6.5
13.4%
2024-08-13
CVE-2024-38217
MEDIUM
KEV
5.4
9.8%
2024-09-10
CVE-2024-38092
HIGH
8.8
1.6%
2024-07-09
Consequences
Access Control
—
Bypass Protection Mechanism