CWE-693 (Protection Mechanism Failure) — Vulnerability Class 224

224 vulnerabilities classified as CWE-693 (Protection Mechanism Failure). AI Chinese analysis included.

CWE-693 represents a critical vulnerability where software fails to implement or correctly utilize necessary security controls, leaving systems exposed to directed attacks. This weakness manifests in two primary forms: missing mechanisms, where no defense exists for a specific threat vector, and insufficient mechanisms, where existing safeguards are inadequate or improperly configured. Attackers typically exploit these gaps by bypassing authentication, escalating privileges, or accessing sensitive data that should have been restricted. To mitigate this risk, developers must conduct rigorous threat modeling to identify all potential attack surfaces and ensure comprehensive security controls are in place. Regular code reviews and automated security testing help verify that protection mechanisms function as intended. By adopting a defense-in-depth strategy and validating that every security feature is both present and robust, organizations can significantly reduce the likelihood of exploitation and maintain the integrity of their applications.

MITRE CWE Description
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. This weakness covers three distinct situations. A "missing" protection mechanism occurs when the application does not define any mechanism against a certain class of attack. An "insufficient" protection mechanism might provide some defenses - for example, against the most common attacks - but it does not protect against everything that is intended. Finally, an "ignored" mechanism occurs when a mechanism is available and in active use within the product, but the developer has not applied it in some code path.
Common Consequences (1)
Access Control: Bypass Protection Mechanism
| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2022-27516 | User login brute force protection functionality bypass — Citrix Gateway, Citrix ADC | 5.3 | Medium | 2022-11-08 |
| CVE-2022-39266 | isolated-vm has vulnerable CachedDataOptions in API — isolated-vm | 9.7 | Critical | 2022-09-29 |
| CVE-2022-39957 | Response body bypass in OWASP ModSecurity Core Rule Set via a specially crafted charset in the HTTP Accept header — ModSecurity Core Rule Set | 7.3 | High | 2022-09-20 |
| CVE-2022-36085 | OPA Compiler: Bypass of WithUnsafeBuiltins using `with` keyword to mock functions — opa | 7.4 | High | 2022-09-08 |
| CVE-2022-35978 | Lua sandbox escape from mod in Minetest — minetest | 7.7 | High | 2022-08-15 |
| CVE-2022-31479 | Remote Code Execution via command injection of the hostname — LNL-X2210 | 9.6 | Critical | 2022-06-06 |
| CVE-2022-20805 | Cisco Umbrella Secure Web Gateway File Decryption Bypass Vulnerability — Cisco Umbrella Insights Virtual Appliance | 4.1 | Medium | 2022-04-21 |
| CVE-2022-20738 | Cisco Umbrella Secure Web Gateway File Inspection Bypass Vulnerability — Cisco Umbrella Insights Virtual Appliance | 5.8 | Medium | 2022-02-10 |
| CVE-2022-22152 | Contrail Service Orchestration: Tenants able to see other tenants policies via REST API interface — Contrail Service Orchestration | 7.7 | High | 2022-01-19 |
| CVE-2021-36310 | DELL Dell Networking OS10 resource management error vulnerability — Dell Networking OS10 | 4.9 | Medium | 2021-11-20 |
| CVE-2020-12954 | AMD Platform Security Processor security vulnerability — 1st Gen AMD EPYC™ | 5.5 | - | 2021-11-16 |
| CVE-2021-31362 | Junos OS and Junos OS Evolved: An IS-IS adjacency might be taken down if a bad hello PDU is received for an existing adjacency causing a DoS — Junos OS | 6.5 | Medium | 2021-10-19 |
| CVE-2021-1616 | Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability — Cisco IOS XE Software | 4.7 | Medium | 2021-09-23 |
| CVE-2021-32835 | Groovy Sandbox escape in Eclipse Keti — keti | 9.9 | - | 2021-09-09 |
| CVE-2021-3453 | Security vulnerability in multiple Lenovo devices — BIOS | 6.8 | Medium | 2021-07-16 |
| CVE-2021-32729 | A user without PR can reset user authentication failures information — xwiki-platform | 2.0 | Low | 2021-07-01 |
| CVE-2021-1517 | Cisco Webex Meetings and Webex Meetings Server Multimedia Sharing Security Bypass Vulnerability — Cisco WebEx Meetings Server | 5.0 | Medium | 2021-06-04 |
| CVE-2021-27245 | TP-Link Archer A7 security vulnerability — Archer A7 | 9.8 | - | 2021-03-29 |
| CVE-2021-1224 | Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability — Cisco Firepower Threat Defense Software | 5.8 | Medium | 2021-01-13 |
| CVE-2021-1223 | Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability — Cisco Firepower Threat Defense Software | 5.3 | - | 2021-01-13 |
| CVE-2020-28396 | Security vulnerability in multiple Siemens products — SICAM A8000 CP-8000 | 7.3 | - | 2020-12-14 |
| CVE-2020-3455 | Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability — Cisco Firepower Extensible Operating System (FXOS) | 6.7 | - | 2020-10-21 |
| CVE-2020-3458 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities — Cisco Adaptive Security Appliance (ASA) Software | 6.7 | - | 2020-10-21 |
| CVE-2020-3299 | Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability — Cisco Firepower Threat Defense Software | 5.3 | - | 2020-10-21 |
| CVE-2020-15215 | Context isolation bypass in Electron — electron | 5.6 | Medium | 2020-10-06 |
| CVE-2020-15174 | Unpreventable top-level navigation in Electron — electron | 7.5 | High | 2020-10-06 |
| CVE-2020-16198 | Philips Clinical Collaboration Platform Protection Mechanism Failure — Clinical Collaboration Platform | 5.0 | Medium | 2020-09-18 |
| CVE-2020-7320 | Protection Mechanism Failure in ENS for Windows — Endpoint Security for Windows | 6.7 | Medium | 2020-09-09 |
| CVE-2020-5379 | Dell Inspiron 7352 BIOS security vulnerability — CPG BIOS | 6.8 | Medium | 2020-09-02 |
| CVE-2020-3285 | Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability — Cisco Firepower Threat Defense Software | 5.8 | - | 2020-05-06 |

Vulnerabilities classified as CWE-693 (Protection Mechanism Failure) represent 224 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.