General Information

Authentication Bypass using an Alternate Path or Channel

Variants:
Direct 

Also Known As:
Authentication Bypass by Alternate Name

Vector Type:
Attack

Relevance:
Generic

Layer:
Application-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Authentication Enforcement

Invented In:
11/01/1999

Added In:
09/12/2014


Vector Operation Method:
Attackers can bypass the authentication enforcement by accessing protected resources using alternate names or encoded variants.


Direct Variant:

Authentication Bypass using an Alternate Path or Channel

Variant Title:
Authentication Bypass using an Alternate Path or Channel

Typical Severity:
Major

Learn More: