Class weakness
Draft
CWE-602: Client-Side Enforcement of Server-Side Security
The product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.
101
Recorded CVEs
With this primary weakness
0
KEVs
In the CISA KEV catalog
Medium
Likelihood of exploit
Per MITRE
Class
Abstraction
MITRE classification
Overview
When the server relies on protection mechanisms placed on the client side, an attacker can modify the client-side behavior to bypass the protection mechanisms, resulting in potentially unexpected interactions between the client and server. The consequences will vary, depending on what the mechanisms are trying to protect.