Category: Communication Channel Errors
Draft
Summary
Weaknesses in this category are related to improper handling of communication channels and access paths. These weaknesses include problems in creating, managing, or removing alternate channels and alternate paths. Some of these can overlap virtual file problems and are commonly used in "bypass" attacks, such as those that exploit authentication errors.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1327 | Binding to an Unrestricted IP Address | This vulnerability occurs when software or a service is configured to bind to the IP address 0.0.0.0 (or :: in IPv6), which acts as a wildcard, accepting connections from any network interface on the host system. |
| CWE-322 | Key Exchange without Entity Authentication | This vulnerability occurs when a system establishes a cryptographic key with another party without first confirming that party's true identity. |
| CWE-346 | Origin Validation Error | This vulnerability occurs when an application fails to properly confirm the true origin of incoming data or communication, allowing attackers to spoof their source. |
| CWE-385 | Covert Timing Channel | A covert timing channel is a security flaw where an attacker can deduce secret information by observing how long certain operations take to execute. Instead of directly reading data, they analyze timing variations in system behavior to infer protected details. |
| CWE-419 | Unprotected Primary Channel | This vulnerability occurs when an application exposes a privileged administrative interface or restricted functionality through a primary channel (like a specific port, endpoint, or protocol) without implementing adequate security controls to protect it. |
| CWE-420 | Unprotected Alternate Channel | This vulnerability occurs when an application secures its main communication path but leaves a backup or alternative channel with weaker or no protection. |
| CWE-425 | Direct Request ('Forced Browsing') | This vulnerability occurs when a web application fails to verify user permissions for every protected page, file, or API endpoint, allowing attackers to access them directly. |
| CWE-515 | Covert Storage Channel | A covert storage channel is a type of security flaw where one process secretly encodes data into a shared system resource (like a file, memory bit, or status flag), and another unauthorized process later reads that resource to extract the hidden information. |
| CWE-918 | Server-Side Request Forgery (SSRF) | Server-Side Request Forgery (SSRF) occurs when a web application fetches a remote resource based on user-controlled input, but fails to properly validate or restrict where those requests are sent. This allows an attacker to trick the server into making unauthorized connections to internal systems or external domains. |
| CWE-924 | Improper Enforcement of Message Integrity During Transmission in a Communication Channel | This vulnerability occurs when an application receives data over a network but fails to properly verify that the information wasn't altered in transit. |
| CWE-940 | Improper Verification of Source of a Communication Channel | This vulnerability occurs when an application accepts incoming communication requests without properly checking where they originate from, allowing potentially malicious sources to establish a connection. |
| CWE-941 | Incorrectly Specified Destination in a Communication Channel | This vulnerability occurs when an application establishes an outgoing communication channel but fails to correctly define or enforce the intended recipient. This misdirection can allow data to be sent to an untrusted or malicious destination. |
| CWE-699 | Software Development | This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development lifecycle including both architecture and implementation. Accordingly, this view can align closely with the perspectives of architects, developers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.