CWE-420: Unprotected Alternate Channel

low-risk

The product protects a primary channel, but it does not use the same level of protection for an alternate channel.

Abstraction: Base

Common Consequences

Access Control Gain Privileges or Assume Identity

Real-World Examples (10)

CVE CVSS EPSS KEV
CVE-2023-20198 10.0 94.0% Y
CVE-2025-13315 9.8 82.4%
CVE-2025-54309 9.0 77.8% Y
CVE-2024-10081 10.0 73.9%
CVE-2020-8558 5.4 20.1%
CVE-2024-4444 5.3 0.9%
CVE-2023-28842 6.8 0.6%
CVE-2023-28840 7.5 0.5%
CVE-2023-30946 3.5 0.4%
CVE-2022-25786 4.9 0.3%
15
/ 100
low-risk
Active Threat 13/50 · Low
Exploit Availability 2/50 · Minimal