logo

CWE-348 - Use of Less Trusted Source

CWE-348

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Use of Less Trusted Source

Description

The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.

Common Consequences

Scope: Access Control

Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity

Notes: An attacker could utilize the untrusted data source to bypass protection mechanisms and gain access to sensitive data.

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2024-02-29

Free security scan for your website