CWE-272 - Least Privilege Violation

CWE-272

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Least Privilege Violation

Description: The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.

Common Consequences: Scope: Access Control, Confidentiality
Impact: Gain Privileges or Assume Identity, Read Application Data, Read Files or Directories
Notes: An attacker may be able to access resources with the elevated privilege that could not be accessed with the attacker's original privileges. This is particularly likely in conjunction with another flaw, such as a buffer overflow.

Related Weaknesses: CWE-271Privilege Dropping / Lowering ErrorsHigh

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard