CWE · MITRE source
CWE-300: Channel Accessible by Non-Endpoint
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
In order to establish secure communication between two parties, it is often important to adequately verify the identity of entities at each end of the communication channel. Inadequate or inconsistent verification may result in insufficient or incorrect identification of either communicating entity. This can have negative consequences such as misplaced trust in the entity at the other end of the channel. An attacker can leverage this by interposing between the communicating entities and masquerading as the original entity. In the absence of sufficient verification of identity, such an attacker can eavesdrop and potentially modify the communication between the original entities.
Last updated: 04 July 2026 00:28 UTC
Cumulative inbound coverage
How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.
Collective: full · 22 mapping(s) from 6 framework(s): CAPEC 9 (mostly) · ATT&CK 6 (full) · STIG oracle linux 8 4 (mostly) · STIG oracle linux 9 1 (mostly) · ASVS 5.0 1 (mostly) · OWASP-Web 1 (partial)
OWASP Top 10 for Web (2025)
This weakness contributes to A07:2025 Authentication Failures.
NIST 800-53 r5 controls that address this weakness (11) AI
Showing the 6 most specific. Generic controls that address many weakness types are collapsed below.
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| SC-11 | Trusted Path | SC | Explicitly isolates the communications path so it cannot be accessed or intercepted by non-endpoint entities during security functions. |
| SC-19 | Voice Over Internet Protocol | SC | Restrictions and channel controls reduce the chance that VoIP media or signaling streams remain accessible to non-participants. |
| SC-23 | Session Authenticity | SC | Directly prevents non-endpoint access or interception of the session communication path. |
| IA-3 | Device Identification and Authentication | IA | Ensures only authenticated endpoints can access the communication channel, blocking unauthorized non-endpoint access. |
| PE-4 | Access Control for Transmission | PE | Physically restricts transmission channels so they cannot be accessed or tapped by non-endpoint actors within facilities. |
| RA-6 | Technical Surveillance Countermeasures Survey | RA | Periodic TSCM surveys identify unauthorized access points or taps that make communication channels reachable by non-endpoint adversaries. |

5 more broadly-applicable controls:

| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| SC-37 | Out-of-band Channels | SC | An out-of-band channel is inaccessible to non-endpoints that can observe or interfere with the primary communication channel. |
| SC-40 | Wireless Link Protection | SC | The control restricts an inherently broadcast wireless channel to only intended endpoints, mitigating accessibility by non-endpoints. |
| SC-41 | Port and I/O Device Access | SC | Eliminates channels that could be accessed by non-endpoint actors through disabled ports and devices. |
| SC-8 | Transmission Confidentiality and Integrity | SC | Confidentiality and integrity protections on the transmission channel directly reduce the ability of non-endpoint actors to access or tamper with the data. |
| SC-9 | Transmission Confidentiality | SC | Renders the transmission channel inaccessible to non-endpoint eavesdroppers through encryption, eliminating the weakness class. |
MITRE ATT&CK techniques this weakness enables
Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.
Direction: ← other covers this; → this covers other (F/M/P = full / mostly / partial).
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2009-3555 | 8.0 | 9.8 | 0.8726 | 2009-11-09 |
| CVE-2017-7480 | 7.0 | 9.8 | 0.0234 | 2017-07-21 |
| CVE-2019-3793 | 7.0 | 9.8 | 0.0105 | 2019-04-24 |
| CVE-2017-12150 | 6.0 | 7.4 | 0.1323 | 2018-07-26 |
| CVE-2017-6870 | 5.5 | 7.4 | 0.0095 | 2017-08-08 |
| CVE-2017-9941 | 5.5 | 7.4 | 0.0095 | 2017-08-08 |
| CVE-2017-12735 | 5.5 | 7.4 | 0.0113 | 2017-08-30 |
| CVE-2017-15086 | 5.5 | 7.4 | 0.0171 | 2017-11-08 |
| CVE-2017-12151 | 5.5 | 7.4 | 0.0459 | 2018-07-27 |
| CVE-2019-5456 | 5.5 | 8.1 | 0.0129 | 2019-07-30 |
| CVE-2019-14899 | 5.5 | 7.4 | 0.0084 | 2019-12-11 |
| CVE-2021-22909 | 5.5 | 7.5 | 0.0129 | 2021-05-27 |
| CVE-2021-32926 | 5.5 | 7.5 | 0.0219 | 2021-06-03 |
| CVE-2021-41033 | 5.5 | 8.1 | 0.0105 | 2021-09-13 |
| CVE-2021-21953 | 5.5 | 8.1 | 0.0098 | 2021-12-22 |
| CVE-2023-32634 | 5.5 | 7.8 | 0.0043 | 2023-10-12 |
| CVE-2023-31004 | 5.5 | 8.3 | 0.0099 | 2024-02-03 |
| CVE-2024-31206 | 5.5 | 8.2 | 0.0033 | 2024-04-04 |
| CVE-2024-32049 | 5.5 | 7.4 | 0.0055 | 2024-05-08 |
| CVE-2024-36553 | 5.5 | 8.1 | 0.0029 | 2025-02-06 |
| CVE-2025-20122 | 5.5 | 7.8 | 0.0013 | 2025-05-07 |
| CVE-2025-31214 | 5.5 | 8.1 | 0.0049 | 2025-05-12 |
| CVE-2025-40770 | 5.5 | 7.4 | 0.0011 | 2025-08-12 |
| CVE-2025-63363 | 5.5 | 7.5 | 0.0027 | 2025-12-04 |
| CVE-2017-15085 | 3.5 | 5.9 | 0.0171 | 2017-11-08 |