CWE-300
Channel Accessible by Non-Endpoint
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
Official CWE-300 definition at MITREImpactr finds and proves weaknesses like CWE-300 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist