Description
The lack of protections on alternate paths to access control-protected assets (such as unprotected shadow registers and other external facing unguarded interfaces) allows an attacker to bypass existing protections to the asset that are only performed against the primary path.
CVE vulnerabilities with CWE-1299 (11)
7.5
CVSS
HIGH
CVE-2025-1073
pub. 2025-04-10
7.0
CVSS
HIGH
CVE-2025-35998
pub. 2026-02-10
6.8
CVSS
MEDIUM
CVE-2025-41697
pub. 2025-12-09
6.8
CVSS
MEDIUM
CVE-2025-26409
pub. 2025-02-11
6.8
CVSS
MEDIUM
CVE-2024-47944
pub. 2024-10-15
6.8
CVSS
MEDIUM
CVE-2021-3788
pub. 2021-11-12
5.4
CVSS
MEDIUM
CVE-2023-29060
pub. 2023-11-28
5.3
CVSS
MEDIUM
CVE-2022-43557
pub. 2022-12-05
4.6
CVSS
MEDIUM
CVE-2024-39723
pub. 2024-07-08
2.4
CVSS
LOW
CVE-2023-29063
pub. 2023-11-28