Tag Archives: Improper Restriction of Communication Channel to Intended Endpoints

CWE-923 – Improper Restriction of Communication Channel to Intended Endpoints

Read Time:24 Second

Description

The software establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.

Modes of Introduction:

– Architecture and Design

Likelihood of Exploit:

 

Related Weaknesses

CWE-284

 

Consequences

Integrity, Confidentiality: Gain Privileges or Assume Identity

If an attacker can spoof the endpoint, the attacker gains all the privileges that were intended for the original endpoint.

 

Potential Mitigations

CVE References