VYPR

CWE-1280

Access Control Check Implemented After Asset is Accessed

BaseIncomplete

Description

A product's hardware-based access control check occurs after the asset has been accessed.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-180

CVEs mapped to this weakness (1)

  • CVE-2026-3607MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access…