CWE-270 - Privilege Context Switching Error
CWE-270
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Privilege Context Switching Error
- Description
The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.
- Common Consequences
Scope: Access Control
Impact: Gain Privileges or Assume Identity
Notes: A user can assume the identity of another user with separate privileges in another context. This will give the user unauthorized access that may allow them to acquire the access information of other users.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website