CWE-421
Race Condition During Access to Alternate Channel
AI Translation Available
The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.
Status
draft
Abstraction
base
Affected Platforms
Extended Description
AI Translation
This creates a race condition that allows an attacker to access the channel before the authorized user does.
Technical Details
AI Translation
Common Consequences
access control
Impacts
gain privileges or assume identity
bypass protection mechanism
Potential Mitigations
Functional Areas
program invocation