Read Time:1 Minute, 16 Second

Description

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Modes of Introduction:

– Architecture and Design

 

Likelihood of Exploit: High

 

Related Weaknesses

CWE-287
CWE-287

 

Consequences

Access Control, Other: Gain Privileges or Assume Identity, Other

Exposing critical functionality essentially provides an attacker with the privilege level of that functionality. The consequences will depend on the associated functionality, but they can range from reading or modifying sensitive data, access to administrative or other privileged functionality, or possibly even execution of arbitrary code.

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Phase: Architecture and Design

Description: 

For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

Phase: Architecture and Design

Description: 

Phase: Architecture and Design

Description: 

CVE References

  • CVE-2002-1810
    • MFV. Access TFTP server without authentication and obtain configuration file with sensitive plaintext information.
  • CVE-2008-6827
    • Agent software running at privileges does not authenticate incoming requests over an unprotected channel, allowing a Shatter” attack.
  • CVE-2004-0213
    • Product enforces restrictions through a GUI but not through privileged APIs.
  • CVE-2020-15483
    • monitor device allows access to physical UART debug port without authentication