Read Time:25 Second
Description
This attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Access Control: Bypass Protection Mechanism, Gain Privileges or Assume Identity
This weakness can allow an attacker to access resources which are not otherwise accessible without proper authentication.
Potential Mitigations
CVE References
- CVE-2009-1048
- VOIP product allows authentication bypass using 127.0.0.1 in the Host header.