logo

CWE-421 - Race Condition During Access to Alternate Channel

CWE-421

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Race Condition During Access to Alternate Channel

Description

The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.

This creates a race condition that allows an attacker to access the channel before the authorized user does.

Common Consequences

Scope: Access Control

Impact: Gain Privileges or Assume Identity, Bypass Protection Mechanism

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website