Description
When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.
Latest vulnerabilities for CWE-636
References
Description of CWE-636 on Mitre website