logo

CWE-655 - Insufficient Psychological Acceptability

CWE-655

  • Abstraction:
  • Class
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Insufficient Psychological Acceptability

Description

The product has a protection mechanism that is too difficult or inconvenient to use, encouraging non-malicious users to disable or bypass the mechanism, whether by accident or on purpose.

Common Consequences

Scope: Access Control

Impact: Bypass Protection Mechanism

Notes: By bypassing the security mechanism, a user might leave the system in a less secure state than intended by the administrator, making it more susceptible to compromise.

Related Weaknesses
  • Release Date:
  • 2008-01-30
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website