CWE-273 - Improper Check for Dropped Privileges
CWE-273 Medium
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Improper Check for Dropped Privileges
- Description
The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
If the drop fails, the product will continue to run with the raised privileges, which might provide additional access to unprivileged users.
- Common Consequences
Scope: Access Control
Impact: Gain Privileges or Assume Identity
Notes: If privileges are not dropped, neither are access rights of the user. Often these rights can be prevented from being dropped.
Scope: Access Control, Non-Repudiation
Impact: Gain Privileges or Assume Identity, Hide Activities
Notes: If privileges are not dropped, in some cases the system may record actions as the user which is being impersonated rather than the impersonator.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website