CWE-421 - Race Condition During Access to Alternate Channel
CWE-421
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Race Condition During Access to Alternate Channel
- Description
The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.
This creates a race condition that allows an attacker to access the channel before the authorized user does.
- Common Consequences
Scope: Access Control
Impact: Gain Privileges or Assume Identity, Bypass Protection Mechanism
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website