logo

CWE-941 - Incorrectly Specified Destination in a Communication Channel

CWE-941

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Incorrectly Specified Destination in a Communication Channel

Description

The product creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor.

Attackers at the destination may be able to spoof trusted servers to steal data or cause a denial of service. There are at least two distinct weaknesses that can cause the product to communicate with an unintended destination:

Related Weaknesses

CWE-923Improper Restriction of Communication Channel to Intended Endpoints

CWE-406Insufficient Control of Network Message Volume (Network Amplification)

  • Release Date:
  • 2014-02-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website