Authentication mechanism absence or evasion

Description#

The system lacks an authentication mechanism or has one that can be bypassed. Therefore, an attacker can access resources that should be protected without having an active session.

Requirements#