CWE-636 - Not Failing Securely ('Failing Open')
- Abstraction:Class
- Structure:Simple
- Status:Draft
- Release Date:2008-01-30
- Latest Modification Date:2023-10-26
Weakness Name
Not Failing Securely ('Failing Open')
Description
When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.
By entering a less secure state, the product inherits the weaknesses associated with that state, making it easier to compromise. At the least, it causes administrators to have a false sense of security. This weakness typically occurs as a result of wanting to "fail functional" to minimize administration and support costs, instead of "failing safe."
Common Consequences
Scope: Access Control
Impact: Bypass Protection Mechanism
Notes: Intended access restrictions can be bypassed, which is often contradictory to what the product's administrator expects.
