CWE DATABASE
About
GET A DEMO
Backslash Vulnerability Database
Improper Protection of Alternate Path
Improper Protection of Alternate Path
CWE-424
CVSS severity (NVD, All Time)
Short description
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
Best practices to prevent this CWE
Phase: Architecture and Design
Deploy different layers of protection to implement security in depth.